+

NAT AND PAT

+

 The rapid growth of the Internet resulted in a shortage of available IPv4

addresses. In response, a specific subset of the IPv4 address space was
designated as private, to temporarily alleviate this problem.

 However, private addresses can never be routed on the Internet. In fact,

Internet routers are configured to immediately drop traffic with private
addresses.
+

 Without network address translation (NAT) or port address translation (PAT) you
probably wouldn't be able to access the internet from your computer or at least you'll
be the only one in the house having internet access.
+
+

It is possible to translate
between private and public
addresses, using Network
Address Translation (NAT).
+

This is a static NAT

 +
 What are we going to do if we have more computers on our LAN ??

 we can use something called Dynamic NAT. who are different compared to the Static
NAT:

 you can use a pool of IP addresses to translete into.

 you can use an access-list to match the hosts on your LAN which should be
transleted.
+

Note: NAT is not restricted to private-to-public

address translation, though that is the most common
application. NAT can also perform public-to-public
address translation, as well as private-to-private
address translation.
+

what are you going to do if you have

multiple computers on your LAN and
only a single IP address from your
ISP ??

Here we need PAT (port address translation)

 +
TYPES OF NAT
 Static NAT – performs a static one-to-one translation between two addresses,

 Dynamic NAT – utilizes a pool of global addresses to dynamically translate the

outbound traffic of clients behind a NAT-enabled device.

 NAT Overload or Port Address Translation (PAT) – translates the outbound traffic of
clients to unique port numbers off of a single global address. PAT is necessary when the
number of internal clients exceeds the available global addresses.
 +
NAT TERMINOLOGY

 pecific terms are used to identify the various NAT addresses:

 Inside Local – the specific IP address assigned to an inside host behind a NAT-
enabled device (usually a private address).

 Inside Global – the address that identifies an inside host to the outside world (usually
a public address). Essentially, this is the dynamically or statically-assigned public
address assigned to a private host.
 +

 Outside Global – the address assigned to an outside host (usually a public address).

 Outside Local – the address that identifies an outside host to the inside network.
Often, this is the same address as the Outside Global. However, it is occasionally
necessary to translate an outside (usually public) address to an inside (usually private)
address.
+
+
+
+
+
+

 Router# show ip nat translations

To view whether an interface is configure as an inside or outside NAT
interface, and to display statistical information regarding active NAT
translations:

 Router# show ip nat statistics

To view NAT translations in real-time: