What is NAT

Photo of author

By Vijay Singh Khatri

The main idea of using a NAT (Network Address Translation) is to make it possible for a user to access the Internet through various devices using the same IP address which is provided to them by the Internet Service Provider (ISP). This can be done when the translation of a private IP address to a public IP address is required. Most of the home routers and even the ones found in companies use NAT protocol to distribute the IP addresses to different devices for them to connect with the network and work.

Today, we will find out how NAT works and how its usage is something we need in the age of the Internet. Also, we will show you how you can manually configure a NAT on your own and make it work just like the router configuration but virtually.

How NAT Functions

Let’s take an example to explain things in a better way. Suppose you have a laptop that is connected to the Wi-Fi present in the home. Now your friend picked up the laptop and searched for the best Chinese restaurants to dine in. When he clicks on the ‘Search’ icon on the browser, the laptop will send the request in a packet to your router, which then sends it to the web. But before the router sends the request that needs to be fetched, it changes the outgoing IP address from the private local address to the public IP address.

This change of address needs to be done because if the router sends the private address. The server receiving the request will have no idea where to send the information that has been fetched. This is like sending a physical mail and then requesting them to return service but without telling them the address where the return packet needs to be sent.

With the use of NAT, the information will be sent back to the router first and then to the laptop. Also, the information is delivered to the public IP address of the router, not to the private IP address which is given by the router to your laptop.

Basic NAT Terminologies to Know

Before we show you different types of NAT, we must first clarify the terminologies to avoid confusion.

Inside Local Address

The Router assigns this address to the devices which are connected with it. These are present inside the network, and these can’t be accessed via an Internet connection. Keep in mind all the addresses that start from 192.168.x.x and 10. x.x.x are kept reserved for private IP addresses. Any of the IP addresses from this range can be used without having to worry about if some other device in the network is using the same IP or not.

Inside Global Address

More than one IP address is designated as a part of the local network, and they are seen as inside hosts from the outside network. When you ask the ISP to provide you with the Internet connection, you receive an IP from their end. The IP is assigned to the router, and from there, the group of devices is connected for Internet access.

Outside Local Address

This is the actual IP of the remote host once the NAT translation has successfully taken place.

Outside Global Address

This is the IP address of the host before the NAT translation takes place.

Different Types of NAT

There are a total of three different types of NAT, and each of them is defined below for you to understand their needs and work.

1. Static NAT

With static NAT, you get the one-to-one mapping of a private IP address that is connected to a public IP address. This type of NAT is useful if the device present inside the network needs to be accessed via the Internet. For example, if you are running a server that hosts your website, it becomes necessary for you to have a static NAT to keep it alive and accessible on the Internet. If you don’t use the static NAT, the changeover of IP could make your website temporarily unavailable for the users to open on their browser.

2. Dynamic NAT

It is defined as mapping the private IP address designated to the devices by the router to a public IP address from the group of IP addresses called the NAT pool. With the use of dynamic NAT, users get the one-to-one mapping of a private IP address to a public IP address. The mapping of the addresses may vary depending on the available public IP address in the NAT pool.

3. Port Address Translation

The PAT is another form of dynamic IP NAT used to multiply private IP addresses to a single public IP address. In this case when a client who is present inside the network can communicate with the host present on the Internet. The router makes the change in the source port number with another port number. After that, the changes are kept on the table. When the router receives a response from the Internet, it will look at the table where all the ports mapping is kept and will forward the data packet to the receiver of the original request.

Configuring NAT

To configure the NAT on your own, the first thing you need to do is create a rooted network that is present in the Control Panel and also make connections with the virtual servers. Keep in mind that you need to make a rule that servers in the same data center need to be connected to the same network.

Dynamic NAT in Cisco Devices

The below section will help you in configuring the Dynamic NAT in Cisco devices. In addition to this, users will be able to create configlet commands which are corresponding with the help of the Network Configuration Manager application. With the use of this application, you can easily operate on multiple devices at the same time. Your inside address will be translated in this configuration, and a pool of global addresses needs to be specified.

In the dynamic NAT, the mapping of local addresses with a global address takes place dynamically. As a result, your router will automatically pick up the address from the global address pool, which is not currently assigned. Moreover, it can be any address that is present in the pool of addresses. When the router does the dynamic entry in the NAT translations table, it will stay like that as long as traffic is being exchanged from that address.

Steps to Configure Dynamic NAT

Step 1 – Use the IP NAT inside command to configure the router’s inside interface.

Step 2 – Use the IP NAT outside command to configure the router’s outside interface.

Step 3 – Find out the ACL, which has the list of inside source addresses that will be translated and configured.

Step 4 – Use IP NAT pool NAME FIRST_IP_ADDRESS LAST_IP_ADDRESS netmask SUBNET_MASK command to configure the pool of global IP addresses.

Step 5 – Finally, enable the dynamic NAT with the use of IP NAT inside the source list ACL_NUMBER pool NAME global configuration command.

Static NAT in Cisco Devices

In the case of static NAT, the routers will take the one private IP address and translate it to a single public IP address. Every single IP address is mapped to a single public IP address. Keep in mind that static NAT is not something that is often used as it uses individual public IP addresses for each private IP address.

To configure static NAT on Cisco, we are again using Network Configuration Manager, which allows users to create corresponding Configlet commands and then push them to be followed in other devices which are available on the network.

Steps Required for Configuring Static NAT on Cisco Devices

Step 1 – Use the IP NAT inside the source static PRIVATE_IP PUBLIC_IP command to configure the private/public IP address for the mapping.

Step 2 – Make the router’s inside interface with the help of the IP NAT inside command.

Step 3 – Configure the outside inside with IP NAT outside command for the router.

Configuring NAT Using CLI (Command Line Interface)

  • First, log in to your device using the SSH/ TELNET and enable the configuration mode.
  • Then go to the config mode and enter the command

Router#configure terminal

  • Enter the configuration commands and keep them one per line.
  • After that, end the insertion of commands using CNTL/Z

Router(config)#

  • Now enter the commands given below for configuring the static NAT

Router(config)#ip nat inside source static 10.0.0.2 59.40.40.1

  • To configure the router’s inside interface, write down the below commands

Router(config)#interface fa0/0

Router(config-if)#ip nat inside

Router(config-if)#exit

  • Configure the router’s outside interface using the following commands

Router(config)#interface fa0/1

Router(config-if)#ip nat outside

Router(config-if)#exit

  • Exit the configuration mode using Router (config)#exit

Benefits of Using NAT

Now that you know how you configure the NAT for both the static and dynamic configuration. It’s time to learn some benefits of doing it and how it can help you.

1. Cost Savings

One of the best things about using NAT is that when you are using it with a private IP address, you don’t need to buy more IP addresses from the ISP for every single computer or device which is present in your network. The same IP address can be used by multiple devices at the same time to access the Internet. This leads to a significant reduction in the cost of networking and running an online business that needs to be live 24×7.

2. Address Conserving

One of the features of NAT is the NAT overload which makes it possible for the network to preserve IPv4 addresses by allowing the privatization of the intranets. This takes place with the working of Intranet Privatization. As a result, all the addresses will be saved by multiple applications on the port level.

3. Flexible Connection

It can become tiring to keep an eye on the network when there are so many devices connected to it. With NAT, you can increase the reliability and the flexibility of the network by adding in multiple devices that also include backup and load balancing.

4. Consistent Network

NAT makes it possible for a user to have a consistent network addressing scheme. As a result, whenever there is a use of a public IP address, the proper address space has to be assigned, which is done by NAT. Thus, you can easily find out which device is using the specific IP address.

5. Network Security

With the use of NAT, all the source and destination addresses are kept well hidden in multiple layers of security. The hosts that are present inside the NAT cannot be reached by other hosts of the same network without the permission of the user. This makes the NAT more secure from the bare network that we use in our homes.

6. Private Addressing

NAT uses its IPv4 addressing scheme for the devices connected to the network. In case you move to a new public addressing scheme, these IPv4 addresses will come into play to make it easier for the router to understand where to send the information coming from the Internet. In addition to this, even if you change the ISP still the internal address will be the same, and no change will occur in their addressing scheme.

Things to Know About NAT Before Implementing It

First, NAT consumes a lot of computational power and memory resources since NAT needs to translate the IPv4 address for all the incoming and the outgoing data packets while keeping the translation data in its memory.

Also, due to the translation of addresses taking place, it can cause a little bit of delay in IPv4 communication.

NAT can even lead to the loss of end-device to end-device IP traceability, which is good in some cases but in corporate sectors, you might need it.

Some of the technologies will not function like they should when you open them in a NAT configured network.

Conclusion

This is what NAT is all about, and that’s how your network uses it to make the working of IP addresses much easier for the router to interpret. NAT is a mid-level networking configuration, so if you have no idea of how a network works. It is best to take help from the professional or call your ISP to guide you in the process of configuring it on your network.

People are also reading: 

Leave a Comment