NAT - La Salle University


Network Address Translation
Based on Chapter 23 in Computer Networks and Internets, Comer
CSIT 320 (Blum)
Network Address Translation
• NAT (Network Address Translation) is a scheme for a network to use one set of addresses internally but to have the outside world see a different set of addresses, possibly only one address.
  • It can be used as a security measure since it hides internal addresses from the outside world.
  • It can be used to expand one's address space. One can use non-routable addresses, and different networks can use the same internal addresses provided their external address is unique.
NAT: Figure 26.4
NAT Tables
• The translator understands the local addresses and the external address. It maintains a table of what internal addresses (computers) are communicating with which external addresses.
Dilemma
• But what if two internal addresses are communicating with the same external address?
• How would the translator know which internal address to deliver a message to?
Solution (NAPT)
• Recall that beyond IP addresses there is an additional part of the addressing scheme – the ports. The translator can associate different internal addresses with its different ports. Then it can distinguish different incoming messages by which port they come in on.
• This is known as Network Address and Port Translation (NAPT).
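
The port mapping described above, as an added example that is not from the original slides or from Comer's text. The class name, addresses and starting port are constructed for illustration, and the table is simplified (no timeouts, no per-protocol entries). It shows two internal hosts reaching the same external server and a packet with no table entry being dropped.

```python
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)

class Napt:
    """Simplified NAPT table: one external address, one translator port
    per internal endpoint (hypothetical class, for illustration only)."""

    def __init__(self, external_ip: str, first_port: int = 40000) -> None:
        self.external_ip = external_ip
        self.next_port = first_port
        self.out: Dict[Endpoint, int] = {}   # internal endpoint -> translator port
        self.back: Dict[int, Endpoint] = {}  # translator port -> internal endpoint

    def outbound(self, src: Endpoint, dst: Endpoint) -> Tuple[Endpoint, Endpoint]:
        """Rewrite the source of a packet leaving the internal network."""
        if src not in self.out:
            # First packet from this internal endpoint: allocate a translator port.
            self.out[src] = self.next_port
            self.back[self.next_port] = src
            self.next_port += 1
        return (self.external_ip, self.out[src]), dst

    def inbound(self, src: Endpoint,
                dst: Endpoint) -> Optional[Tuple[Endpoint, Endpoint]]:
        """Rewrite the destination of an arriving packet; None means drop."""
        if dst[0] != self.external_ip or dst[1] not in self.back:
            return None  # no table entry: no internal host opened this port
        return src, self.back[dst[1]]

def demo():
    nat = Napt("203.0.113.5")        # constructed external address
    server = ("198.51.100.7", 80)    # constructed external server
    # Two internal hosts that happen to use the same source port.
    a, b = ("10.0.0.1", 30000), ("10.0.0.2", 30000)
    a_out, _ = nat.outbound(a, server)
    b_out, _ = nat.outbound(b, server)
    # Replies from the same server are told apart by the translator port.
    reply_a = nat.inbound(server, a_out)
    reply_b = nat.inbound(server, b_out)
    # A packet aimed at a port with no mapping is not delivered inside.
    unsolicited = nat.inbound(server, ("203.0.113.5", 40999))
    return a_out, b_out, reply_a, reply_b, unsolicited

if __name__ == "__main__":
    for item in demo():
        print(item)
```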
NAPT Table (Figure 26.4)
Another Dilemma
• Associating internal addresses with ports is fine for sessions initiated by the internal machines, but what if the outside wants to initiate?
• The outside world will know the internal computers not by IP addresses but by domain names. Therefore this can be resolved by having the local DNS and NAT servers coordinate.