What is Network Address Translation? A Beginner’s Easy Guide.
Introduction
Network address translation (NAT) allows multiple devices in a private network to share a single IP address when they access an outside network. It conserves public IP addresses and hides private IP addresses, which enhances network security. In this article, we will define NAT, its types, and its practical implementation in a lab environment, which will help CCNA and CCNP students.
What is Network Address Translation?
The internet became very popular in the 1990s. An IP address was assigned to every device on the internet, and as a result a shortage of IP addresses was felt. It seemed that IP addresses would run out in a short time, so work began on several solutions. Some were long-term, such as IPv6, and some were short-term, such as CIDR and NAT.
Network Address Translation is a mechanism by which we map hosts on our local area network to public IP addresses and allow them to access the Internet. The main purpose of network address translation is to conserve public IP addresses.
On one side, it conserves public IP addresses, while on the other side it protects a private network from the outside network by hiding the local hosts' IP addresses.
We configure NAT at the network edge, and the edge of the network is either a router or a firewall.
NAT Terminologies
- Inside Local Address: The IP addresses assigned to hosts on the private network, that is, the addresses before NATing, e.g. 192.168.1.20/24.
- Inside Global Address: The IP address after NATing (after translation), e.g. 1.1.1.1/8.
- Outside Global Address: The IP address, after translation, to which we are actually sending data. It is a destination IP address on the private network, e.g. 2.1.1.1/8.
- Outside Local Address: The public IP address of the destination host before translation, e.g. 192.168.2.20/24.
NAT Types
NAT has the following three main types:
- Static NAT: Static NAT maps a single private IP address to a single public IP address. Normally, we use this type of NAT to make a specific host, such as a web server, accessible from the outside world. Only the specific local host can reach the internet.
- Dynamic NAT: NAT that maps private IP addresses to a pool of public IP addresses is known as dynamic NAT. The local hosts can't exceed the limit of the defined pool. We use this when multiple devices on a private network need access to the internet but do not need a consistent public IP address.
- PAT: Port address translation (PAT) is also known as NAT overloading. It allows multiple local PCs to connect to the internet through a single public IP address. PAT uses port numbers to distinguish devices by mapping each session to a different port number on the public IP address.
Why NAT is Important
NAT plays a critical role in computer networking, for reasons such as:
- IP Address Conservation: There is a limited number of IPv4 addresses, but NAT allows multiple devices to share a single public IP address, which helps us conserve this limited supply.
- Security: NAT hides the real IP address of a device from the external network, which makes it difficult for hackers to directly attack devices on the private network.
- Network Flexibility: With network address translation, changing the internal network structure of the organization doesn't affect external network communications, which provides greater flexibility in network management.
Common NAT Troubleshooting Tips
- NAT Overload Misconfiguration: You must correctly configure an access list to permit the private IP addresses that should reach the internet. A wrongly configured access list prevents IP addresses from being translated.
- Interface Designation: Ensure that the correct interfaces are designated as ‘ip nat inside’ and ‘ip nat outside’. Reversing them can lead to unexpected behavior and failed translations.
- IP Address Pool Exhaustion: Ensure that the public pool for dynamic NAT can handle the number of concurrent translations. If the pool is exhausted, additional private IP addresses will fail to be translated.
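The three NAT types and the three troubleshooting checks above can be seen together in one Cisco IOS lab configuration. This is an added example, not configuration from the original article: the interface names, ACL number 1, the pool name PUBLIC-POOL and the exact address ranges are assumptions built around the article's sample addresses.

```cisco
! Constructed lab values: interface names, ACL 1 and PUBLIC-POOL are assumptions.
!
! Interface designation: the LAN side is "inside", the internet side is "outside".
! Swapping these two commands is the classic cause of failed translations.
interface GigabitEthernet0/0
 description LAN side (private hosts)
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
!
interface GigabitEthernet0/1
 description Internet side
 ip address 1.1.1.1 255.0.0.0
 ip nat outside
!
! Access list: must permit every private source that should be translated.
! Standard ACLs take a wildcard mask, so 0.0.0.255 matches 192.168.1.0/24.
access-list 1 permit 192.168.1.0 0.0.0.255
!
! Static NAT: one private host (e.g. a web server) to one fixed public address.
ip nat inside source static 192.168.1.20 1.1.1.20
!
! Dynamic NAT: the pool holds nine addresses (1.1.1.2 to 1.1.1.10), so only
! nine inside hosts can hold a translation at the same time.
ip nat pool PUBLIC-POOL 1.1.1.2 1.1.1.10 netmask 255.0.0.0
ip nat inside source list 1 pool PUBLIC-POOL
!
! PAT (NAT overload) alternative: replace the dynamic NAT rule with one that
! shares the outside interface address and separates sessions by port number.
! no ip nat inside source list 1 pool PUBLIC-POOL
! ip nat inside source list 1 interface GigabitEthernet0/1 overload
!
! Verification, run from privileged EXEC mode:
! show ip nat translations   (current inside local / inside global mappings)
! show ip nat statistics     (inside and outside interfaces, pool allocation)
! show access-lists 1        (match counters confirm the ACL sees the traffic)
```

When the dynamic pool is the problem, `show ip nat statistics` reports every pool address as allocated; switching to the `overload` rule or enlarging the pool resolves it.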