Network Address Translation (NAT) is a method of mapping the private IP addresses of a private network to the public IP address of the global network and vice versa. With this method, a local host in a private network can access the internet. NAT is used at routers, where it helps the router identify which local host a message is to be forwarded to.
In this section, we will discuss the reason behind the implementation of NAT, its method of working and the types of NAT.
Network Address Translation
The Internet Service Provider (ISP) provides a variable block of IPv4 addresses to a midsize organization or to home users. Now, what if the organization grows and requires a larger block of addresses, or the number of devices accessing the internet at home increases? It would be impossible for the ISP to fulfil the increased demand for addresses, because the ranges of addresses immediately before and after the allocated range may already be assigned to other small organizations.
Now the question arises: how can this increased demand for addresses be fulfilled?
This is where Network Address Translation (NAT) comes in. In the situation discussed above, such a midsize organization or home user can have several private IP addresses for a large set of devices/computers to allow internal communication, whereas a few devices/computers are provided with public addresses for global communication.
Private IP addresses need to be unique inside the organization. It does not matter that they are not unique globally, because three blocks of addresses are reserved for private networks. Users can use private IP addresses without the permission of Internet authorities. Private IP addresses are not routable, which means that no router will forward a packet that has a private address in its destination address field.
If a computer or device with a private IP address wants to communicate with the outside world, it connects to the NAT-capable router that has the public IP address, and this is where the address translation takes place. In the address translation, the private IP address is mapped to the public IP address and the request is forwarded to its destination in the outside world.
Network Address Translation is the address translation technique that translates an internal private IP address to an external public IP address and vice versa. As a result, computers with private IP addresses inside a private network can communicate with devices that have public IP addresses.
How Does NAT Work?
Consider a small private home network with four devices: one laptop, one desktop, one tablet and one smartphone. As all these devices are local hosts, they are given private IP addresses, and all of them are connected to a NAT router with a public IP address.
Now suppose the tablet user on the home network wants information about today's news. As you can see in the image below, the tablet would send this request to a server in the outside world with a public IP address, which would have this information. The server would create a reply packet with the information about today's news. Without address translation, the reply packet would have the server's IP address as its source and the tablet's private IP address as its destination, and as we know, the private IP address is not routable. The tablet would never receive the reply, as no router would forward this packet to the tablet.
The NAT router analyzes the request packet sent from the tablet, which has the tablet's private IP address in its source field and the server's public IP address in its destination field. The NAT router puts the source private IP address in the private IP address column of the translation table and the destination (server) address in the public IP address column. The NAT router then replaces the source private address with the NAT router's public IP address, as you can see in the image below.
The destination server now receives the request packet with the NAT router's public IP address as the source address. So, when the server prepares the reply, it puts the NAT router's public IP address in the destination address field and its own global IP address in the source address field of the reply packet.
Now, as the reply packet has a public IP address in its destination address field, it is routed to the destination NAT router. The NAT router analyzes the reply packet, which has the server's address as its source address. Using the source address field of the received packet, the NAT router looks up the translation table, remaps the server's public IP address to the tablet's private IP address, and sends the reply packet to the corresponding private IP address.
Types of NAT
There can be several private IP addresses in a private network, each belonging to a specific host. How does the NAT router decide which specific host a received packet is for? The NAT router resolves this problem by maintaining the translation table, as we have seen above. Let us discuss some cases of using Network Address Translation in different scenarios and analyse their consequences. Sometimes these different cases are considered types of NAT.
Static NAT (Using one Universal Address)
In this case, the ISP assigns one universal or public address to one of the members of the private network. When a member of the private network wants to access the global network, it has to be mapped to that same public IP address. Only one private host at a time is able to access the same external host. Hence it is called static NAT.
Its drawback is that only one private network host can communicate with the same external host, as there are no other public addresses to pair with.
Dynamic NAT (Using Pool of IP addresses)
Dynamic NAT overcomes the problem of static NAT, where only one private host can communicate with the same global host at a time. The solution is to have more public IP addresses, taken from a pool of global addresses.
For example, you can have four or five global addresses from the pool, and then four or five private hosts can communicate with the same external host at the same time. This is because there will be four or five pairs of addresses, each of which defines a different connection.
Dynamic NAT also has drawbacks:
- There is still a limit on the number of connections that can be made to the same external host.
- A host in a private network cannot connect to two external server programs at the same time.
- Two hosts in a private network cannot connect to the same external server program at the same time.
These problems are solved with Port NAT.
Port NAT (Using both IP address and Port Number)
Knowing the IP address is not enough: when a request packet arrives at the server, the IP address only identifies which computer the reply packet is to be sent to. It does not identify which specific process on that computer the reply packet is for. For this, a port address must also be attached to the IP address to identify the specific process the packet is for.
Using the port address along with the IP address allows a private network host to access two global server programs at the same time, and it even allows two private network hosts to access the same global server program at the same time.
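The following added example (not part of the original article) models the address-only translation table from the "How Does NAT Work?" walkthrough next to a port NAT table, and shows why two private hosts contacting the same server collide in the first and not in the second. The class names, IP addresses and port numbers are constructed for illustration.

```python
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]                  # (IP address, port)
NAT_PUBLIC_IP = "203.0.113.5"               # constructed sample address
SERVER: Endpoint = ("198.51.100.10", 80)    # constructed external server

class AddressOnlyNat:
    """Translation table keyed by the external address only."""
    def __init__(self) -> None:
        self.table: Dict[str, str] = {}     # external IP -> private IP

    def outbound(self, src_ip: str, dst_ip: str) -> Optional[str]:
        owner = self.table.setdefault(dst_ip, src_ip)
        # A second private host using the same external host would make the
        # reply ambiguous, so no mapping can be created for it.
        return NAT_PUBLIC_IP if owner == src_ip else None

    def inbound(self, src_ip: str) -> Optional[str]:
        return self.table.get(src_ip)       # private IP, or None

class PortNat:
    """Translation table keyed by addresses and ports."""
    def __init__(self, first_port: int = 40000) -> None:
        self.next_port = first_port
        self.out: Dict[Tuple[Endpoint, Endpoint], int] = {}
        self.back: Dict[Tuple[int, Endpoint], Endpoint] = {}

    def outbound(self, src: Endpoint, dst: Endpoint) -> Endpoint:
        if (src, dst) not in self.out:      # new flow: allocate a public port
            self.out[(src, dst)] = self.next_port
            self.back[(self.next_port, dst)] = src
            self.next_port += 1
        return (NAT_PUBLIC_IP, self.out[(src, dst)])

    def inbound(self, src: Endpoint, dst_port: int) -> Optional[Endpoint]:
        # No matching entry means there is no private host to deliver to.
        return self.back.get((dst_port, src))

def demo() -> dict:
    tablet, laptop = ("192.168.1.4", 51000), ("192.168.1.2", 51000)
    basic, pat = AddressOnlyNat(), PortNat()
    first = basic.outbound(tablet[0], SERVER[0])
    second = basic.outbound(laptop[0], SERVER[0])   # same server: conflict
    t_pub, l_pub = pat.outbound(tablet, SERVER), pat.outbound(laptop, SERVER)
    return {"basic": (first, second), "pat": (t_pub, l_pub),
            "replies": (pat.inbound(SERVER, t_pub[1]),
                        pat.inbound(SERVER, l_pub[1])),
            "unknown": pat.inbound(SERVER, 45000)}

if __name__ == "__main__":
    print(demo())
```

The two private hosts deliberately use the same source port, so the only thing that separates their replies is the public port the port NAT table allocated for each flow.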
- Network Address Translation maps a host in the private network to a host in the global network and vice versa.
- NAT maintains a translation table with entries of private and public IP addresses, which helps in the routing of messages.
- NAT allows a computer in a private network to access the internet even though it has a private IP address, which is not routable.
- There are three types of NAT: static NAT, dynamic NAT and port NAT.
- In static NAT, only one member of a private network has a global IP address. So, only one host in a private network can connect with the same external host at a time.
- Dynamic NAT picks multiple global addresses from the pool of global addresses so that multiple private hosts can be mapped to these global addresses.
- Dynamic NAT allows multiple hosts in a private network to connect with the same global host at the same time.
- But dynamic NAT does not allow a host in a private network to connect with two global server programs at the same time, and it does not allow two private hosts to access the same global server program at the same time.
- Port NAT uses the port number along with the IP addresses. It helps in identifying which specific process on the computer the message has to be delivered to.
NAT may not be required in the future, when IPv4 addresses are completely replaced with IPv6 addresses, as IPv6 has an enormous range of addresses, such that all devices in the world could have public IP addresses.