Network Bulls
www.networkbulls.com
Similar to Classless Inter-Domain Routing (CIDR), the original intention for NAT was to slow
the depletion of available IP address space by allowing many private IP addresses to be represented
by some smaller number of public IP addresses.
Since then, it’s been discovered that NAT is also a useful tool for network migrations and
mergers, server load sharing, and creating "virtual servers." So in this section, I’m going to
describe the basics of NAT functionality and the terminology common to NAT.
NAT can dramatically reduce the number of public IP addresses your network needs. It also
comes in handy when two companies with overlapping internal address schemes merge, and when
an organization changes its Internet service provider (ISP) and the network manager doesn't
want the hassle of renumbering the internal address scheme.
Here’s a list of situations when it’s best to have NAT on your side:
You need to connect to the Internet and your hosts don’t have globally unique IP
addresses.
You change to a new ISP that requires you to renumber your network.
You need to merge two intranets with duplicate addresses.
You typically use NAT on a border router. For an illustration of this, see Figure 3.23.
Now you may be thinking, “NAT’s totally cool. It’s the grooviest greatest network gadget
and I just gotta have it.” Well, hang on a minute. There are truly some serious snags related
to NAT use. Oh, don’t get me wrong: It really can save you sometimes, but there’s a dark side
you need to know about, too. For a visual of the pros and cons linked to using NAT, check
out Table 3.4.
FIGURE 3.23 Where to configure NAT
Types of Network Address Translation
In this section, I’m going to go over the three types of NAT with you:
Static NAT This type of NAT is designed to allow one-to-one mapping between local and
global addresses. Keep in mind that the static version requires you to have one real Internet
IP address for every inside host you translate. Because the mapping is permanent, outside hosts
can also initiate connections to the inside host through its global address, which is what makes
static NAT useful for servers and also what exposes that host to the Internet.
Dynamic NAT This version gives you the ability to map an unregistered IP address to a registered
IP address from out of a pool of registered IP addresses. You don't have to statically
configure your router to map an inside to an outside address as you would using static NAT,
but you do have to have enough real, bona fide IP addresses for everyone who's going to be
sending packets to and receiving them from the Internet at the same time; once the pool is
exhausted, new translations fail until an existing entry times out.
Overloading This is the most popular type of NAT configuration. Understand that overloading
really is a form of dynamic NAT that maps multiple unregistered IP addresses to a single
registered IP address (many-to-one) by using different source port numbers. Now, why is this so
special? Well, because it's also known as Port Address Translation (PAT). And by using PAT (NAT
Overload), you get to have thousands of users connect to the Internet using only one real
global IP address. NAT Overload is the real reason we haven't run out of valid IP addresses on
the Internet.
NAT Names
The names we use to describe the addresses used with NAT are pretty simple. Addresses used
after NAT translations are called global addresses. These are usually the public addresses
used on the Internet, but remember, you don’t need public addresses if you aren’t going on
the Internet.
TABLE 3.4 Advantages and Disadvantages of Implementing NAT

Advantages:
- Conserves legally registered addresses.
- Reduces address overlap occurrence.
- Increases flexibility when connecting to the Internet.
- Eliminates address renumbering as the network changes.

Disadvantages:
- Translation introduces switching path delays.
- Loss of end-to-end IP traceability.
- Certain applications will not function with NAT enabled.
Local addresses are the ones we use before NAT translation. So, the inside local address is
actually the private address of the sending host that's trying to get to the Internet, while the
outside local address is the address of the destination host as seen from the inside network.
The latter is usually a real public address (a web server, mail server, etc.), and it is the
destination address the packet carries as it begins its journey.
After translation, the inside local address is then called the inside global address and the
outside global address then becomes the name of the destination host. Check out Table 3.5,
which lists all this terminology, for a clear picture of the various names used with NAT.
How NAT Works
Okay, now it’s time to look at how this whole NAT thing works. I’m going to start by using
Figure 3.24 to describe the basic translation of NAT.
In the example shown in Figure 3.24, host 10.1.1.1 sends an outbound packet to the border
router configured with NAT. The router identifies the source address as an inside local IP
address destined for an outside network, translates the address, and records the translation in
the NAT table.
The packet is sent out the outside interface with the new translated source address. When the
external host replies to that translated address, the NAT router looks it up in the NAT table,
translates the inside global IP address back to the inside local IP address, and forwards the
packet to the original host. A reply that matches no table entry is simply dropped. This is as
simple as it gets.
Let’s take a look at a more complex configuration using overloading, or what is also
referred to as Port Address Translation (PAT). I’ll use Figure 3.25 to demonstrate how
PAT works.
With overloading, all inside hosts get translated to one single IP address, hence the term
overloading. Again, the reason we have not run out of available IP addresses on the Internet
is because of overloading (PAT).
Take a look at the NAT table in Figure 3.25 again. In addition to the inside local IP address
and outside global IP address, we now have port numbers. These port numbers help the router
identify which host should receive the return traffic.
TABLE 3.5 NAT Terms

Name            Meaning
Inside local    Inside source address before translation
Outside local   Destination host address before translation
Inside global   Inside host address after translation
Outside global  Outside destination host address after translation

FIGURE 3.24 Basic NAT translation
FIGURE 3.25 NAT overloading example (PAT)
Port numbers are used at the Transport layer to identify the local host in this example. If the
router had to identify every source host by a unique IP address, as static and dynamic NAT do,
we would run out of addresses. PAT lets the router use the Transport layer source port to tell
the hosts apart, which in turn allows (theoretically) up to about 65,000 simultaneous
translations, since the port field is 16 bits, behind one real IP address.
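To make the three NAT types from the earlier section and the table-driven translation described here concrete, the following is an added example (not code from the original chapter, and not a model of any particular vendor's implementation) of a toy border router that keeps a NAT table in memory. It accepts packets in both directions, allocates inside global addresses either statically, from a pool, or by overloading one address with distinct ports, and drops inbound packets that match no entry. All addresses are constructed for the example: 10.1.1.0/24 plays the inside network, 192.0.2.0/24 the inside global addresses, and 203.0.113.80 an outside web server.

```python
# Added example (not from the original text): a toy model of the NAT table a
# border router keeps, covering static, dynamic and overloaded (PAT) NAT.
# All addresses are constructed; 192.0.2.0/24 and 203.0.113.0/24 are
# documentation ranges standing in for the inside global and outside addresses.
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str     # source IP
    sport: int   # source port (Transport layer)
    dst: str     # destination IP
    dport: int   # destination port


class NatRouter:
    """NAT table keyed on (inside local IP, local port) -> (inside global IP, global port).

    mode "static"   : one-to-one, mapping supplied up front, inbound allowed at any time
    mode "dynamic"  : one-to-one, inside global address taken from a pool on first use
    mode "overload" : many-to-one (PAT), one shared address, flows told apart by port
    """

    def __init__(self, mode: str, globals_: list, static_map: Optional[dict] = None):
        self.mode = mode
        self.pool = list(globals_)                        # free addresses (dynamic mode)
        self.shared_ip = globals_[0] if globals_ else None  # the one shared address (overload)
        self.static_map = dict(static_map or {})          # inside local -> inside global (static)
        self.table = {}
        self.next_port = 1024                             # first global port handed out by PAT

    def _allocate(self, src: str, sport: int):
        """Pick the inside global address/port for a new outbound flow, or None to drop."""
        if self.mode == "static":
            g_ip = self.static_map.get(src)
            return (g_ip, sport) if g_ip else None       # no static entry, no translation
        if self.mode == "dynamic":
            for (l_ip, _), (g_ip, _) in self.table.items():
                if l_ip == src:
                    return (g_ip, sport)                 # host already holds a pool address
            return (self.pool.pop(0), sport) if self.pool else None  # pool exhausted: drop
        if self.next_port > 65535:
            return None                                  # PAT has run out of ports
        port, self.next_port = self.next_port, self.next_port + 1
        return (self.shared_ip, port)

    def outbound(self, pkt: Packet) -> Optional[Packet]:
        """Inside -> outside: rewrite the source and record the translation."""
        key = (pkt.src, pkt.sport)
        if key not in self.table:
            entry = self._allocate(pkt.src, pkt.sport)
            if entry is None:
                return None
            self.table[key] = entry
        g_ip, g_port = self.table[key]
        return replace(pkt, src=g_ip, sport=g_port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Outside -> inside: map the inside global destination back to the inside local host."""
        for (l_ip, l_port), (g_ip, g_port) in self.table.items():
            if (g_ip, g_port) == (pkt.dst, pkt.dport):
                return replace(pkt, dst=l_ip, dport=l_port)
        if self.mode == "static":
            for l_ip, g_ip in self.static_map.items():
                if g_ip == pkt.dst:                      # static NAT exposes the host at all ports
                    return replace(pkt, dst=l_ip)
        return None                                      # no table entry: unsolicited traffic is dropped


if __name__ == "__main__":
    web = "203.0.113.80"
    pat = NatRouter("overload", ["192.0.2.1"])
    a = pat.outbound(Packet("10.1.1.1", 40000, web, 80))
    b = pat.outbound(Packet("10.1.1.2", 40000, web, 80))
    print("PAT out:", a, b)                               # both leave as 192.0.2.1, ports 1024 and 1025
    print("PAT back:", pat.inbound(Packet(web, 80, "192.0.2.1", 1025)))   # reaches 10.1.1.2:40000
    print("PAT stray:", pat.inbound(Packet(web, 80, "192.0.2.1", 5000)))  # None, dropped
```

Two things the model makes visible that the prose only states: in overload mode the two inside hosts leave with the same source address and are told apart only by the port the router assigned, so a reply to an unassigned port has nowhere to go and is dropped (this is the "certain applications will not function" entry in Table 3.4, and also why a NAT device blocks unsolicited inbound traffic); and in static mode the reverse map answers for any destination port, which is what lets a server behind the router be reached but also means that host is fully reachable from outside.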
You’re done, the diva has sung, the chicken has crossed the road…whew! Okay, take a good
break (but skip the shot and the beer for now), then come back and go through the written labs
and review questions.