Presentation is loading. Please wait.

Presentation is loading. Please wait.

NAT Network Address Translation. Reading CNI – pp. 251-253 Port Mapping LA – pp. 331-335 NAT.

Published byAngel Barnett Modified over 9 years ago

Similar presentations

Presentation on theme: "NAT Network Address Translation. Reading CNI – pp. 251-253 Port Mapping LA – pp. 331-335 NAT."— Presentation transcript:

1 NAT Network Address Translation

2 Reading CNI – pp. 251-253 Port Mapping LA – pp. 331-335 NAT

3 NETWORK ADDRESS TRANSLATION

4 Network Address Translation Gateway and firewall hardware often has network address translation (NAT) functionality built in Hosts protected behind a firewall commonly have addresses in the "private address range“ Hides the true address of protected hosts Originally, developed to address the limited amount of IPv4 routable addresses available  By companies  By individuals Reduce amounts of addresses required  Reduce the cost of obtaining enough public addresses for every computer in an organization. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance

5 Nat Flavors Two kinds of network address translation: Simple "NAT"  also sometimes named "Network Address Port Translation" or "NAPT" or even PAT Involves the mapping of port numbers Allows multiple machines to share a single IP address TCP Header Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Acknowledgment Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data | |U|A|P|R|S|F| | | Offset| Reserved |R|C|S|S|Y|I| Window | | | |G|K|H|T|N|N| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Checksum | Urgent Pointer | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | data | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

6 Nat Flavors Two kinds of network address translation: “Other” NAT  "one-to-one NAT" or "basic NAT" or “static NAT” Involves only address translation, not port mapping Requires a unique external IP address for each simultaneous connection Broadband routers often use this feature  Sometimes labeled "DMZ host“  Allows a designated computer to accept all external connections even when the router itself uses the only available external IP address Example 50 hosts in the LAN  All with Local addresses 10 IP addresses for the Internet Up to 10 of the LAN hosts can access the internet through the Internet IP addresses

7 NATP NAT with port-translation comes in two sub- types: Source address translation (source NAT) Re-writes the IP address of the computer which initiated the connection Destination address translation (destination NAT) In practice Both are usually used together in coordination for two-way communication

8 NAT Summary Allows private addresses access to internet Allows many addresses to share A single address A small set of addresses

Download ppt "NAT Network Address Translation. Reading CNI – pp. 251-253 Port Mapping LA – pp. 331-335 NAT."

Similar presentations

CST 415 - Computer Networks NAT CST 415 4/10/2017 CST 415 - Computer Networks.

CST Computer Networks NAT CST 415 4/10/2017 CST Computer Networks.
TCP/IP Christopher Zacky. lolwut Decimal Numbers.

TCP/IP Christopher Zacky. lolwut Decimal Numbers.
©2012 ClearOne Communications. Confidential and proprietary. COLLABORATE ® Video Conferencing Networking Basics.

©2012 ClearOne Communications. Confidential and proprietary. COLLABORATE ® Video Conferencing Networking Basics.
Configuring a Router with RIP Basic Configuration and Show Commands.

Configuring a Router with RIP Basic Configuration and Show Commands.
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—5-1 WAN Connections Enabling the Internet Connection.

© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—5-1 WAN Connections Enabling the Internet Connection.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:

CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:
1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
Small Office Service Serial Router Connects Internal Stations to Shared Broadband Access Service Small Office Serial Router Shared Broadband Line ISP.

Small Office Service Serial Router Connects Internal Stations to Shared Broadband Access Service Small Office Serial Router Shared Broadband Line ISP.
Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.

Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.
Wi-Fi Structures.

Wi-Fi Structures.
Source Port # (16)Destination Port # (16) Sequence Number (32 bits) Acknowledgement Number (32 bits) Hdr Len (4) Flags (6)Window Size (16) Options (if.

Source Port # (16)Destination Port # (16) Sequence Number (32 bits) Acknowledgement Number (32 bits) Hdr Len (4) Flags (6)Window Size (16) Options (if.
Subnetting.

Subnetting.
Hardware Firewall Feature © N. Ganesan, Ph.D.. Chapter Objectives Show the configuration of a hardware firewall such as Dlink DI 604 Illustrate the sharing.

Hardware Firewall Feature © N. Ganesan, Ph.D.. Chapter Objectives Show the configuration of a hardware firewall such as Dlink DI 604 Illustrate the sharing.
CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.

CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.
Section 461.  ARP  Ghostbusters  Grew up in Lexington, KY  Enjoy stargazing, cycling, and mushroom hunting  Met Mario once (long time ago)

Section 461.  ARP  Ghostbusters  Grew up in Lexington, KY  Enjoy stargazing, cycling, and mushroom hunting  Met Mario once (long time ago)
Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.

Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.
Middleboxes & Network Appliances EE122 TAs Past and Present.

Middleboxes & Network Appliances EE122 TAs Past and Present.
Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.

Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.
4: Addressing Working At A Small-to-Medium Business or ISP.

4: Addressing Working At A Small-to-Medium Business or ISP.

Similar presentations

Ads by Google