Monday, July 27, 2015

Basics of NATTING - Static & Dynamic


NAT - Network Address Translation

This is not directly related to OM, but since there are a lot of environments on the cloud, I thought it would be a good place to touch base on one of the basic networking concepts.

NATTING enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. A NAT box is located where the LAN meets the Internet. It makes all the required IP address translations.

NAT serves 3 purposes:
1. Provides a type of firewall by hiding internal IP addresses
2. Enables a company to use more internal IP addresses. Since these IP addresses are used only internally, there is no possibility of conflict with IP addresses used by other companies / organizations.
3. Allows a company to combine multiple ISDN connections into a single internet connection.

There are 2 types of NAT:
Static NAT
Dynamic NAT

Static NAT: Maps an unregistered IP address to a registered IP address on a one-to-one basis. Particularly useful when a device needs to be always accessible from outside the network.

Photo Courtesy : http://computer.howstuffworks.com/nat1.htm

Dynamic NAT: Maps an unregistered IP address to a registered IP address from a group of registered IP addresses.

Photo Courtesy : http://www.brainbump.net/Understanding-CiscoASA-Post-8.3-NAT-Configuration

Overloading / PAT: Port Address Translation
This kind of NAT maps multiple unregistered IP addresses to a single registered IP address by using different ports. This is also called single address NAT or port-level multiplexed NAT.

Overlapping:
When the IP addresses used on the internal network are registered IP addresses in use on another network, the router must maintain a lookup table of those addresses so that it can intercept them and replace them with registered unique IP addresses. The NAT router must translate the "INTERNAL" addresses to registered unique addresses as well as translate the "EXTERNAL" registered addresses to addresses that are unique to the private network. This can be done through static NAT or by implementing DNS and using dynamic NAT.

NAT Example:

a.b.c.d = Public Internet IP which is NAT'd to 192.168.1.5
Let's say you have a website www.basicesm.blogspot.com whose public DNS points to a.b.c.d, and you have an IIS website hosted on 192.168.1.5 on your internal network. A user on the internet would open a browser and type in www.basicesm.blogspot.com, which would resolve to the IP a.b.c.d. The browser would request the webpage and hit your firewall, which would NAT the request to the internal IP 192.168.1.5, and the webpage would be returned.
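
The three mappings described above (static, dynamic and PAT) can be seen side by side in a small translation-table model. This is an added example, not code from the original post: the `NatBox` class, the 203.0.113.x addresses (standing in for a.b.c.d and the registered pool) and the fallback from the dynamic pool to PAT are assumptions made for illustration.

```python
# Added illustration: toy NAT box. Addresses are constructed
# (RFC 1918 inside, RFC 5737 documentation range outside).
class NatBox:
    def __init__(self, static_map, pool, pat_ip):
        self.static = dict(static_map)  # inside IP -> public IP, one-to-one
        self.free = list(pool)          # unleased public IPs for dynamic NAT
        self.dynamic = {}               # inside IP -> leased public IP
        self.pat_ip = pat_ip            # single shared public IP for overloading
        self.pat = {}                   # (inside IP, inside port) -> public port
        self.next_port = 50000

    def outbound(self, src_ip, src_port):
        """Return the (public IP, port) the outside world sees for this source."""
        if src_ip in self.static:
            return self.static[src_ip], src_port
        if src_ip not in self.dynamic and self.free:
            self.dynamic[src_ip] = self.free.pop(0)  # lease next pool address
        if src_ip in self.dynamic:
            return self.dynamic[src_ip], src_port
        # Assumption of this sketch: once the pool is empty, fall back to PAT.
        key = (src_ip, src_port)
        if key not in self.pat:
            self.pat[key] = self.next_port
            self.next_port += 1
        return self.pat_ip, self.pat[key]

    def inbound(self, dst_ip, dst_port):
        """Map an outside packet to an inside (IP, port), or None to drop it."""
        one_to_one = {**self.static, **self.dynamic}
        for inside, public in one_to_one.items():
            if public == dst_ip:
                return inside, dst_port
        if dst_ip == self.pat_ip:
            for (inside, port), public_port in self.pat.items():
                if public_port == dst_port:
                    return inside, port
        return None  # no table entry: unsolicited traffic goes nowhere


def demo():
    nat = NatBox({"192.168.1.5": "203.0.113.5"}, ["203.0.113.10"], "203.0.113.1")
    return [
        nat.inbound("203.0.113.5", 80),       # static: web server reachable
        nat.outbound("192.168.1.20", 40000),  # dynamic: leases pool address
        nat.outbound("192.168.1.21", 40000),  # pool empty: PAT on shared IP
        nat.outbound("192.168.1.22", 40000),  # PAT, next public port
        nat.inbound("203.0.113.1", 50001),    # reply to the second PAT flow
        nat.inbound("203.0.113.1", 60000),    # no mapping: dropped
    ]
```

In this model the static entry forwards every destination port to 192.168.1.5, which is why a statically NATed server still needs a filtering rule in front of it; only hosts behind PAT are unreachable until they initiate a flow.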
