What is NAT (Network Address Translation)

Every IP-capable device needs an IP address. With the introduction of small office, home office
(SOHO) networks, this would seem to imply that whenever a SOHO wants to install a LAN to
connect multiple machines, a range of addresses would need to be allocated by the ISP to cover
all of the SOHO’s IP devices (including phones, tablets, gaming devices, IP TVs, printers and
more).

If the network grew bigger, a larger block of addresses would have to be allocated. But what if the
ISP had already allocated the continuous portions of the SOHO network’s current address range?
And what typical homeowner wants (or should need) to know how to manage IP addresses in the
first place? Fortunately, there is a simpler approach to address allocation that has found
increasingly widespread use in such scenarios: network address translation (NAT).

Figure 4.25 shows the operation of a NAT-enabled router. The NAT-enabled router, residing in
the home, has an interface that is part of the home network on the right of Figure 4.25.

Q1. What are public and private IP addresses?

A realm with private addresses refers to a network whose addresses only have meaning to
devices within that network. There are hundreds of thousands of home networks, many using the
same address space, e.g. 10.0.0.0/24. Devices within a given home network can send packets to
each other using 10.0.0.0/24 addressing. However, packets forwarded beyond the home network
into the larger global Internet clearly cannot use these addresses (as either a source or a
destination address) because there are hundreds of thousands of networks using this block of
addresses. That is, the 10.0.0.0/24 addresses can only have meaning within the given home
network.

The NAT-enabled router does not look like a router to the outside world. Instead the NAT router
behaves to the outside world as a single device with a single IP address. In Figure 4.25, all traffic
leaving the home router for the larger Internet has a source IP address of 138.76.29.7, and all
traffic entering the home router must have a destination address of 138.76.29.7. In essence, the
NAT-enabled router is hiding the details of the home network from the outside world.

Q2. Where the home network computers get their addresses and where the router
gets its single IP address?

Often, the answer is the same—DHCP! The router gets its address from the ISP’s DHCP server,
and the router runs a DHCP server to provide addresses to computers within the NAT-DHCP-
router-controlled home network’s address space.

What’s Inside a Router?

Figure 4.4
1. Input ports. An input port performs several key functions. It performs the physical layer
function of terminating an incoming physical link at a router; this is shown in the leftmost
box of an input port and the rightmost box of an output port in Figure 4.4. An input port
also performs link-layer functions needed to interoperate with the link layer at the other
side of the incoming link; this is represented by the middle boxes in the input and output
ports. Perhaps most crucially, a lookup function is also performed at the input port; this
will occur in the rightmost box of the input port. It is here that the forwarding table is
consulted to determine the router output port to which an arriving packet will be forwarded
via the switching fabric. Control packets (for example, packets carrying routing protocol
information) are forwarded from an input port to the routing processor. Note that the term
“port” here—referring to the physical input and output router interfaces—is distinctly
different from the software ports associated with network applications and sockets
 discussed in Chapters 2 and 3. In practice, the number of ports supported by a router can
range from a relatively small number in enterprise routers, to hundreds of 10 Gbps ports
in a router at an ISP’s edge, where the number of incoming lines tends to be the greatest.

2. Switching fabric. The switching fabric connects the router’s input ports to its output ports.
This switching fabric is completely contained within the router—a network inside of a
network router!
3. Output ports. An output port stores packets received from the switching fabric and
transmits these packets on the outgoing link by performing the necessary link-layer and
physical-layer functions.

4. Routing processor. The routing processor performs control-plane functions. In

traditional routers, it executes the routing protocols, maintains routing tables and
attached link state information, and computes the forwarding table for the router.

A router’s input ports, output ports, and switching fabric are almost always implemented in
hardware. To appreciate why a hardware implementation is needed, consider that with a 100
Gbps input link and a 64-byte IP datagram, the input port has only 5.12 ns to process the datagram
before another datagram may arrive.

Q3. If the router does not keep up to speed with the datagrams what do you think
will happen?
Q4. Explain the picture and from memory Head Of Line (HOL) blocking as shown
in the diagram.
Longest Prefix Matching in forwarding table

Let’s now consider the “simplest” case that the output port to which an incoming packet
is to be switched is based on the packet’s destination address. In the case of 32-bit IP
addresses, a simple implementation of the forwarding table would have one entry for
every possible destination address. Since there are more than 4 billion possible
addresses, this option is totally out of the question.

Q3: How much time do you think this lookup will take while performing matching?
What kind of matching strategies are used inside router?
Dynamic Host Configuration Protocol (DHCP)

Given this, the DHCP client creates an IP datagram containing its DHCP discover message along
with the broadcast destination IP address of 255.255.255.255 and a “this host” source IP address
of 0.0.0.0. The DHCP client passes the IP datagram to the link layer, which then broadcasts this
frame to all nodes.