Network Address Translation Based on Chapters 23 in Computer Networks and Internets, Comer CSIT 320 (Blum)

Network Address Translation NAT (Network Address Translation) is a scheme for a network to use one set of addresses internally but to have the outside world see a different set of addresses, possibly only one address. It can be used as a security measure since it hides internal addresses from the outside world. It can be used to expand one’s address space. One can use non-routable addresses, and different networks can use the same internal addresses provided their external address is unique. CSIT 320 (Blum)

NAT: Figure 26.4 CSIT 320 (Blum)

NAT Tables The translator understands the local addresses and the external address. It maintains a table of what internal addresses (computers) are communicating with which external addresses. CSIT 320 (Blum)

CSIT 320 (Blum)

Dilemma But what if two internal addresses are communicating with the same external address? How would the translator know which internal address to deliver a message to? CSIT 320 (Blum)

Solution (NAPT) Recall that beyond IP addresses there is an additional part of the addressing scheme – the ports. The translator can associate different internal addresses with its different ports. Then it can distinguish differ incoming messages by which port they come in on. This is known as Network Address and Port Translation (NAPT). CSIT 320 (Blum)

NAPT Table (Figure 26.4) CSIT 320 (Blum)

Another Dilemma Associating internal addresses with ports is fine for sessions initiated by the internal machines, but what if the outside wants to initiate? The outside world will know the internal computers not by IP addresses but by domain names. Therefore this can be resolved by having the local DNS and NAT servers coordinate. CSIT 320 (Blum)

Other References http://www.whatis.com http://www.webopedia.com CSIT 320 (Blum)