
What is NAT (Network Address Translation)?

This tutorial explains what NAT (Network Address Translation) is.

The Network Address Translation (NAT) mechanism was developed to address the problem of IP address limitations with the IPv4 protocol (the IPv6 protocol will eventually fix this problem).

Indeed, in IPv4 addressing, the number of routable IP addresses is not sufficient to give one to every machine that needs to be connected to the Internet.

The NAT concept consists of using a gateway to connect to the Internet, with at least one network interface connected to the internal network and at least one network interface connected to the Internet (with a routable IP address), to connect all the machines on the network.
 


 
 
This involves translating packets from the internal network to the external network at the gateway.

Thus, each machine on the network that needs to access the Internet is configured to use the NAT gateway (by specifying the IP address of the gateway in the “Gateway” field of its TCP/IP parameters). When a machine on the network makes a request to the Internet, the gateway makes the request for it, receives the response, and then forwards it to the machine that made the request.

Since the gateway completely disguises the internal addressing of a network, the address translation mechanism provides a security function. Indeed, to an observer outside the network, all requests seem to come from the IP address of the gateway.
 

 

Address Ranges:

The organization that manages public (routable) IP addresses is the Internet Assigned Numbers Authority (IANA). RFC 1918 defines a private address space that allows any organization to assign IP addresses to machines on its internal network without the risk of conflicting with a public IP address allocated by IANA. These so-called non-routable addresses correspond to the following address ranges:

  • Class A: range from 10.0.0.0 to 10.255.255.255;
  • Class B: range from 172.16.0.0 to 172.31.255.255;
  • Class C: range from 192.168.0.0 to 192.168.255.255.

All machines in an internal network that are connected to the Internet through a router and do not have a public IP address must use an address contained in one of these ranges. For small home networks, the address range 192.168.0.1 to 192.168.0.255 is generally used.
 

 

Static Translation

The idea behind static NAT is to associate a public IP address with a private IP address within the network. The router (or more precisely the gateway) can therefore associate a private IP address (for example 192.168.0.1) with a public IP address that can be routed on the Internet and translate it, in both directions, by changing the address in the IP packet.

Static address translation thus makes it possible to connect machines on the internal network to the Internet in a transparent manner, but does not solve the problem of address limitations since n routable IP addresses are needed to connect n machines on the internal network.
 

Dynamic Translation

Dynamic NAT allows a routable IP address (or a limited number of routable IP addresses) to be shared between several devices in the private network. Thus, all machines on the internal network have virtually the same IP address as seen from the outside. This is why the term “IP masquerading” is sometimes used to describe the dynamic address translation mechanism.

In order to be able to “multiplex” (share) different IP addresses onto one or more routable IP addresses, Dynamic NAT uses the Port Address Translation (PAT) mechanism, i.e., assigning a different source port to each request so as to be able to maintain a correspondence between the requests coming from the internal network and the responses from the machines on the Internet, all of them sent to the router’s IP address.
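
A minimal model of the Port Address Translation table described above, added here as an illustration and not code from the original tutorial. The class name PatGateway, the port pool 40000 to 40003 and the documentation addresses 203.0.113.10 and 198.51.100.7 are assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass, field

# The three RFC 1918 private ranges listed on this page, in prefix form.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_NETS)

@dataclass
class PatGateway:
    public_ip: str                   # the gateway's single routable address
    first_port: int = 40000          # constructed pool of public source ports
    last_port: int = 40003
    out_map: dict = field(default_factory=dict)  # (proto, int_ip, int_port) -> public port
    in_map: dict = field(default_factory=dict)   # (proto, public port) -> (int_ip, int_port)

    def _allocate(self, proto):
        for port in range(self.first_port, self.last_port + 1):
            if (proto, port) not in self.in_map:
                return port
        raise RuntimeError("PAT port pool exhausted")

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the internal network."""
        if not is_private(src_ip):
            raise ValueError(f"{src_ip} is not an RFC 1918 address")
        key = (proto, src_ip, src_port)
        if key not in self.out_map:          # first packet of this flow
            port = self._allocate(proto)
            self.out_map[key] = port
            self.in_map[(proto, port)] = (src_ip, src_port)
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_port):
        """Rewrite the destination of a reply; None means no mapping (dropped)."""
        target = self.in_map.get((proto, dst_port))
        if target is None:
            return None
        return (src_ip, src_port, target[0], target[1])

if __name__ == "__main__":
    gw = PatGateway("203.0.113.10")  # constructed documentation address
    print(gw.outbound("tcp", "192.168.0.2", 51000, "198.51.100.7", 443))
    print(gw.outbound("tcp", "192.168.0.3", 51000, "198.51.100.7", 443))  # same source port, new public port
    print(gw.inbound("tcp", "198.51.100.7", 443, 40001))  # reply reaches the second host
    print(gw.inbound("tcp", "198.51.100.7", 443, 40003))  # no mapping: None
```

This model matches replies on protocol and public port only; real gateways typically also track the remote endpoint and expire idle mappings.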
 