A Major Point of CCIE Lab Exam: NAT - Network Address Translation


Network Address Translation (NAT)

Network Address Translation (NAT) is a process in which one or more local IP addresses are translated into one or more global IP addresses, and vice versa, to provide Internet access to local hosts. It also translates port numbers, i.e. it masks the host's port number with another port number in the packet that is routed to the destination. It then makes the corresponding entries for the IP address and port number in the NAT table. NAT generally operates on a router or firewall.

Network Address Translation (NAT) working 

Generally, the border router is configured for NAT, i.e. the router that has one interface in the local (inside) network and one interface in the global (outside) network. When a packet leaves the local (inside) network, NAT converts its local (private) IP address to a global (public) IP address. When a packet enters the local network, the global (public) IP address is converted to a local (private) IP address.

If you wish to learn more about NAT, you can do so through the prep courses offered at the SPOTO Club.

Why mask port numbers?

Let’s assume two hosts, A and B, are connected in a network. Both of them send a request to the same destination at the same time, using the same port number on the host side, say 1000. If NAT translated only IP addresses, then when their packets arrived at the NAT, both of their IP addresses would be masked by the public IP address of the network and sent to the destination. The destination would send its replies to the public IP address of the router. On receiving a reply, it would be unclear to NAT which reply belongs to which host, because the source port numbers for A and B are the same. To avoid this problem, NAT masks the source port number as well and makes an entry in the NAT table.
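The host A / host B scenario above, as an added example that is not part of the original article: a minimal Python model of a PAT table that gives each inside flow its own public source port and uses the table to route replies back. The class name `PatTable`, its methods, the port range and the sample addresses are assumptions made for illustration; a real device also keys entries on the destination address and port and ages them out.

```python
from ipaddress import ip_address


class PatTable:
    """Minimal PAT (NAT overload) table for one public address (illustrative)."""

    def __init__(self, public_ip, first_port=1024, last_port=65535):
        self.public_ip = str(ip_address(public_ip))  # validates the address
        self.first_port, self.last_port = first_port, last_port
        self.outbound = {}  # (inside_ip, inside_port, proto) -> public_port
        self.inbound = {}   # (public_port, proto) -> (inside_ip, inside_port)

    def _allocate(self, proto):
        # Linear scan keeps the example short; real devices track free ports.
        for port in range(self.first_port, self.last_port + 1):
            if (port, proto) not in self.inbound:
                return port
        raise RuntimeError("PAT port pool exhausted")

    def translate_outbound(self, src_ip, src_port, proto="tcp"):
        """Rewrite an inside (ip, port) to (public_ip, unique public port)."""
        key = (str(ip_address(src_ip)), src_port, proto)
        if key not in self.outbound:  # first packet of the flow: new table entry
            port = self._allocate(proto)
            self.outbound[key] = port
            self.inbound[(port, proto)] = key[:2]
        return self.public_ip, self.outbound[key]

    def translate_inbound(self, dst_port, proto="tcp"):
        """Map a reply's destination port back to the inside host.
        Returns None when no entry exists, i.e. the packet cannot be delivered."""
        return self.inbound.get((dst_port, proto))


def demo():
    # Constructed sample addresses (RFC 1918 inside, RFC 5737 documentation outside).
    nat = PatTable("203.0.113.10")
    a = nat.translate_outbound("192.168.1.10", 1000)  # host A
    b = nat.translate_outbound("192.168.1.20", 1000)  # host B, same source port
    replies = [nat.translate_inbound(p) for p in (a[1], b[1], 4444)]
    return a, b, replies


if __name__ == "__main__":
    print(demo())
```

The last lookup in `demo()` uses a port with no table entry, which is why inbound traffic that no inside host initiated has nowhere to go unless a static mapping exists.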

NAT inside and outside addresses 

Inside refers to the addresses that must be translated. Outside refers to the addresses that are not under the control of the organization. These are the network addresses on which translation needs to be performed.

Network Address Translation (NAT) Types

There are 3 ways to configure NAT:

1.    Static NAT – A single unregistered (private) IP address is mapped to a legally registered (public) IP address, i.e. a one-to-one mapping between a local and a global address. This is generally used for Web hosting. It is not used in organizations, because many devices need Internet access, and providing Internet access requires a public IP address.

2.    Dynamic NAT – An unregistered IP address is translated into a registered (public) IP address taken from a pool of public IP addresses. If no IP address in the pool is free, the packet is dropped, because only a fixed number of private IP addresses can be translated to public addresses.

3.    Port Address Translation (PAT) – This is also known as NAT overload. Many local (private) IP addresses can be translated to a single registered IP address. Port numbers are used to differentiate the traffic, i.e. to determine which traffic belongs to which IP address. This is the most frequently used type because it is cost-effective: thousands of users can be connected to the Internet using only one real global (public) IP address.

 

I would recommend taking the courses offered at the SPOTO Club to gain more insight into this topic.
