Types of Network Address Translation (NAT)
Last Updated: 25 Oct, 2021
Prerequisite - Network address translation (NAT)
Network Address Translation (NAT) is a process in which one or more local IP addresses are translated into one or more global IP addresses, and vice versa, in order to provide Internet access to the local hosts. NAT generally operates on a router or firewall.
Network address translation (NAT) working -
Generally, the border router is configured for NAT, i.e., the router which has one interface in the local (inside) network and one interface in the global (outside) network. When a packet leaves the local (inside) network, NAT converts its local (private) IP address to a global (public) IP address. When a packet enters the local network, the global (public) IP address is converted to a local (private) IP address.
If NAT runs out of addresses, i.e., no address is left in the configured pool, then the packets are dropped and an Internet Control Message Protocol (ICMP) host unreachable packet is sent to the destination.
NAT types -
There are 3 types of NAT:
1. Static NAT -
In this type, a single private IP address is mapped to a single public IP address, i.e., a private IP address is translated to a public IP address. It is used in web hosting.
Configuration -
Here is a small topology in which there is a PC with IP address 192.168.1.1/24, Router R1 with IP address 192.168.1.2/24 on interface fa0/0 and 12.1.1.1/24 on fa0/1, and a server with IP address 73.1.1.2/24.
Now, inside local and inside global are shown in the figure. Configure static NAT with the command ip nat inside source static INSIDE_LOCAL_IP_ADDRESS INSIDE_GLOBAL_IP_ADDRESS.
R1(config)# ip nat inside source static 192.168.1.1 12.1.1.1
Now, configure the router's inside interface with ip nat inside and the outside interface with ip nat outside.
R1(config)# int fa0/0
R1(config-if)# ip nat inside
R1(config)# int fa0/1
R1(config-if)# ip nat outside
2. Dynamic NAT -
In this type of NAT, multiple private IP addresses are mapped to a pool of public IP addresses. It is used when we know the number of fixed users who want to access the Internet at a given point in time.
Configuration -
There is a PC having IP address 192.168.1.1/24, Router R1 having IP address 192.168.1.2/24 on interface fa0/0, 12.1.1.1/24 on fa0/1, and a server having IP address 73.1.1.2/24.
Now, first configuring the access-list:
R1(config)# access-list 1 permit 192.168.1.0 0.0.0.255
Configuring the nat pool from which a public IP will be selected.
R1(config)# ip nat pool pool1 12.1.1.1 12.1.1.3 netmask 255.255.255.0
Now, enabling Dynamic NAT:
R1(config)# ip nat inside source list 1 pool pool1
At last, we have to configure router interfaces as inside or outside.
R1(config)# int fa0/0
R1(config-if)# ip nat inside
R1(config)# int fa0/1
R1(config-if)# ip nat outside
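The access list, the address pool and the pool-exhaustion behaviour described earlier can be modelled in a few lines. This is an added Python example, not part of the original article and not Cisco's implementation; the class name, the status strings and the inside hosts other than 192.168.1.1 are constructed for illustration.

```python
import ipaddress

def ip_int(addr):
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(addr, base, wildcard):
    """Cisco-style ACL match: bits set in the wildcard mask are ignored."""
    care = ~ip_int(wildcard) & 0xFFFFFFFF
    return (ip_int(addr) & care) == (ip_int(base) & care)

class DynamicNat:
    """Simplified model of one-to-one dynamic NAT drawing from a fixed pool."""

    def __init__(self, acl_base, acl_wildcard, pool_start, pool_end):
        self.acl = (acl_base, acl_wildcard)
        self.free = [str(ipaddress.IPv4Address(i))
                     for i in range(ip_int(pool_start), ip_int(pool_end) + 1)]
        self.table = {}  # inside local address -> inside global address

    def translate_out(self, inside_local):
        """Return (status, inside global address or None) for an outbound packet."""
        if not wildcard_match(inside_local, *self.acl):
            return ("not-eligible", None)   # access list does not select this source
        if inside_local not in self.table:
            if not self.free:
                return ("dropped", None)    # pool exhausted, as the page describes
            self.table[inside_local] = self.free.pop(0)
        return ("translated", self.table[inside_local])

    def release(self, inside_local):
        """Expire a translation and return its address to the pool."""
        public = self.table.pop(inside_local, None)
        if public is not None:
            self.free.append(public)

def demo():
    # From the page: access-list 1 (192.168.1.0 0.0.0.255) and pool1 (12.1.1.1 to 12.1.1.3).
    nat = DynamicNat("192.168.1.0", "0.0.0.255", "12.1.1.1", "12.1.1.3")
    # Constructed inside hosts; the last one lies outside the permitted subnet.
    hosts = ["192.168.1.1", "192.168.1.10", "192.168.1.20", "192.168.1.30", "192.168.2.5"]
    results = {h: nat.translate_out(h) for h in hosts}
    nat.release("192.168.1.10")             # one translation times out
    results["retry"] = nat.translate_out("192.168.1.30")
    return results

if __name__ == "__main__":
    for host, outcome in demo().items():
        print(host, outcome)
```

With a three-address pool, the fourth inside host gets no translation until an existing entry expires, which is why dynamic NAT only suits a known, bounded number of simultaneous users.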
3. Port Address Translation (PAT) -
This is also known as NAT overload. In this type, many local (private) IP addresses can be translated to a single public IP address. Port numbers are used to distinguish the traffic, i.e., which traffic belongs to which IP address. This is the most frequently used type because it is cost-effective: thousands of users can be connected to the Internet using only one real global (public) IP address.
Configuration -
Taking the same topology, there is PC1 with IP address 192.168.1.1/24, Router R1 with IP address 192.168.1.2/24 on interface fa0/0 and 12.1.1.1/24 on fa0/1, and the server with IP address 73.1.1.2/24.
Now, first configuring the access-list:
R1(config)# access-list 1 permit 192.168.1.0 0.0.0.255
Configuring the nat pool from which a public IP will be selected.
R1(config)# ip nat pool pool1 12.1.1.1 12.1.1.1 netmask 255.255.255.0
Here, note that the NAT pool is shrunk to one IP address only, and the IP address used is the outside interface IP address of the router. If you have an additional IP address, you can use that as well.
Now, enabling Dynamic NAT overload (PAT):
R1(config)# ip nat inside source list 1 pool pool1 overload
Or we can also use
R1(config)# ip nat inside source list 1 interface fastEthernet 0/1 overload
At last, we have to configure router interfaces as inside or outside.
R1(config)# int fa0/0
R1(config-if)# ip nat inside
R1(config)# int fa0/1
R1(config-if)# ip nat outside
How NAT protects you -
- It hides the IP address of any devices on your network from the outside world, giving them all a single address.
- It requires every incoming packet of information to have been asked for by a device. If a malicious data packet isn't on the list of expected communications, it gets rejected.
- Some firewalls can use whitelisting to block unauthorized outgoing traffic, so if you do contract a piece of malware, your firewall may prevent it from communicating with your device.
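The port-based multiplexing described under PAT and the second point above (an incoming packet must match an expected communication) both come down to one translation table. The following Python model is an added example, not from the original article or any router's implementation; the class, the port-allocation policy, the filtering on remote address and port, and the hosts 192.168.1.3 and 203.0.113.9 are assumptions made for illustration.

```python
class PatRouter:
    """Simplified NAT overload (PAT): inside hosts share one public address."""
    def __init__(self, public_ip, first_port=1024):
        self.public_ip = public_ip
        self.first_port = first_port
        self.out = {}    # (proto, inside ip, inside port) -> public port
        self.back = {}   # (proto, public port) -> (inside ip, inside port)
        self.peers = {}  # (proto, public port) -> remote endpoints contacted

    def _alloc(self, proto):
        for port in range(self.first_port, 65536):
            if (proto, port) not in self.back:
                return port
        raise RuntimeError("no free ports left for translation")

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Translate an inside packet; return its new (public ip, port) source."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            # Model assumption: keep the source port if unused, else pick a free one.
            port = src_port if (proto, src_port) not in self.back else self._alloc(proto)
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        port = self.out[key]
        self.peers.setdefault((proto, port), set()).add((dst_ip, dst_port))
        return (self.public_ip, port)

    def inbound(self, proto, src_ip, src_port, dst_port):
        """Return the inside (ip, port) for a reply, or None if unsolicited."""
        slot = (proto, dst_port)
        if slot not in self.back or (src_ip, src_port) not in self.peers[slot]:
            return None  # no matching translation entry: packet is rejected
        return self.back[slot]

def demo():
    pat = PatRouter("12.1.1.1")  # router outside address from the page
    # Constructed: two inside hosts use source port 5000; 203.0.113.9 is a stranger.
    a = pat.outbound("tcp", "192.168.1.1", 5000, "73.1.1.2", 80)
    b = pat.outbound("tcp", "192.168.1.3", 5000, "73.1.1.2", 80)
    return {
        "a": a, "b": b,
        "reply_a": pat.inbound("tcp", "73.1.1.2", 80, a[1]),
        "reply_b": pat.inbound("tcp", "73.1.1.2", 80, b[1]),
        "stray": pat.inbound("tcp", "203.0.113.9", 4444, a[1]),
        "closed_port": pat.inbound("tcp", "73.1.1.2", 80, 8080),
    }

if __name__ == "__main__":
    print(demo())
```

Both inside hosts appear to the server as 12.1.1.1 and are told apart only by public port, while packets with no table entry never reach an inside host.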