Saturday, 5 May 2012

Network / Port Address Translation

Network Address Translation (NAT): as the name suggests, it has to do with translating network addresses (IP addresses). NAT is the process of translating between private IP addresses and the public IP address. Its purpose is to act as a gateway between the internal network (which uses private IP addresses) and the public network (which uses public IP addresses), providing communication between the two networks. The translations are stored in the NAT table of the router or NAT-enabled device. NAT operations are transparent to both internal and external hosts.

There are a few benefits to using NAT:


With so many benefits, the disadvantage of NAT is likely to be seen as a minor concern by the network administrator. The disadvantage is that NAT operations require additional processing power on the routers or NAT-enabled devices. As such, NAT operations will slow down network communications because of the IP address translation process.


There are three types of NAT operations available: Static NAT, Dynamic NAT and Overloading NAT.

Static NAT (One-to-one Mapping):

Static NAT is more commonly configured on nodes that require high Internet availability or that do not need to be rebooted frequently, such as servers or printers. It maps exactly one private IP address to one public IP address, so a device configured with static NAT has its own public IP address.

Dynamic NAT (Many-to-many Mapping):

Dynamic NAT is similar to static NAT and is more commonly implemented within larger networks. It maps the private addresses to a group of public IP addresses. This means all the hosts in the private network share a pool of public IP addresses (for example, 100 hosts share 20 public IP addresses). As such, not all hosts in the private network can access the Internet at the same time. Each translation has a timeout period, after which the public address becomes available again for another translation.

Overloading NAT (Many-to-one Mapping):

Overloading NAT is also known as Port Address Translation (PAT). PAT is the most commonly used NAT method for connecting networks to the Internet. Our home broadband, for example, connects to the ISP using PAT, which makes it cheaper for us to purchase Internet connection services (a public IP address).

The process of overloading NAT looks like this:

Private IP addresses           Public IP address
192.168.1.2 + port 2000   -->  203.0.0.1 + port 2000
192.168.1.3 + port 23     -->  203.0.0.1 + port 23

The return packet from the Internet passes through the same port, which is used to identify the host in the private network.
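The sketch below is an added example, not code from the original post: it models the PAT table described above, including the case the two-row table does not show, where two private hosts use the same source port. The class name `PatTable`, the timeout value and the port range are assumptions made for illustration and do not correspond to any router's API.

```python
# Added illustration: a minimal PAT (overloading NAT) translation table.
# PatTable, its port range and its timeout are assumptions, not a router API.

class PatTable:
    def __init__(self, public_ip, timeout=60, port_range=(1024, 65535)):
        self.public_ip = public_ip
        self.timeout = timeout        # idle seconds before an entry is removed
        self.port_range = port_range  # pool used when the source port is taken
        self.out = {}    # (private_ip, private_port) -> public_port
        self.back = {}   # public_port -> [private_ip, private_port, last_seen]

    def _expire(self, now):
        # Drop idle translations so their public ports can be reused.
        for pub, (ip, port, seen) in list(self.back.items()):
            if now - seen > self.timeout:
                del self.back[pub]
                del self.out[(ip, port)]

    def outbound(self, private_ip, private_port, now):
        """Translate a packet leaving the private network."""
        self._expire(now)
        key = (private_ip, private_port)
        pub = self.out.get(key)
        if pub is None:
            # Keep the source port when it is free, as in the table above;
            # otherwise take the next unused port so two hosts never collide.
            pub = private_port
            if pub in self.back:
                lo, hi = self.port_range
                pub = next((p for p in range(lo, hi + 1)
                            if p not in self.back), None)
                if pub is None:
                    raise RuntimeError("no free public ports")
            self.out[key] = pub
        self.back[pub] = [private_ip, private_port, now]
        return (self.public_ip, pub)

    def inbound(self, public_port, now):
        """Map a return packet to its private host, or None if no entry."""
        self._expire(now)
        entry = self.back.get(public_port)
        if entry is None:
            return None   # no translation exists, so the packet is dropped
        entry[2] = now    # traffic refreshes the idle timer
        return (entry[0], entry[1])
```

An inbound packet is delivered only if an outbound packet created the matching entry first, and an entry disappears once it has been idle longer than the timeout.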

