IP NAT Static and Dynamic Address Mappings (Page 1 of 2)

NAT allows us to connect a private (inside) network to a public (outside) network such as the Internet, by using an address translation algorithm implemented in a router that connects the two. Each time a NAT router encounters an IP datagram that crosses the boundary between the two networks, it must translate addresses as appropriate. But how does it know what to translate, and what to use for the translated address?

The NAT software in the router must maintain a translation table to tell it how to operate. The translation table contains information that maps the inside local addresses of internal devices (their regular addresses) to inside global address representations (the special public addresses used for external communication). It may also contain mappings between outside global addresses and outside local addresses for inbound transactions, if appropriate.

There are two basic ways that entries can be added to the NAT translation table.

When static mappings are used, a permanent, fixed relationship is defined between a global and a local representation of the address of either an inside or an outside device. For example, we can use a static translation if we want the internal device with an inside local address of 10.0.0.207 to always use the inside global address of 194.54.21.10. Whenever 10.0.0.207 initiates a transaction with the Internet, the NAT router will replace that address with 194.54.21.10.

With dynamic mappings, global and local address representations are generated automatically by the NAT router, used as needed, and then discarded. The most common use of dynamic mapping is to allow a pool of inside global addresses to be shared by a large number of inside devices. For example, say we were using dynamic mapping with a pool of inside global addresses available from 194.54.21.1 through 194.54.21.20. When 10.0.0.207 sent a request to the Internet, it would not automatically have its source address replaced by 194.54.21.10. Instead, one of the 20 addresses in the pool would be chosen by the NAT router. The router would then watch for replies coming back to that address and translate them back to 10.0.0.207. When the session was completed, it would discard the entry and return the inside global address to the pool.
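The two mapping types described above can be modelled as a small translation table in Python. This is an added example, not code from The TCP/IP Guide: the NatTable class and its method names are hypothetical, it keeps one entry per inside host rather than per session, and it assumes that statically mapped global addresses are withheld from the dynamic pool.

```python
import ipaddress


class NatTable:
    """Toy NAT translation table: inside local <-> inside global (hypothetical model)."""

    def __init__(self, pool_first, pool_last, static=None):
        # Static entries are permanent: inside local -> inside global.
        self.static = dict(static or {})
        # Dynamic entries are created on demand and discarded at session end.
        self.dynamic = {}
        first = int(ipaddress.IPv4Address(pool_first))
        last = int(ipaddress.IPv4Address(pool_last))
        reserved = set(self.static.values())
        # Assumption of this example: a global address that is statically
        # mapped is never handed out from the pool, so two inside hosts
        # cannot end up sharing one inside global address.
        self.free = [a for a in (str(ipaddress.IPv4Address(i))
                                 for i in range(first, last + 1))
                     if a not in reserved]

    def outbound(self, inside_local):
        """Inside global address to use as the source of an outgoing datagram."""
        if inside_local in self.static:
            return self.static[inside_local]
        if inside_local not in self.dynamic:
            if not self.free:
                # Every pool address is in use; no translation is possible.
                raise RuntimeError("NAT pool exhausted")
            self.dynamic[inside_local] = self.free.pop(0)
        return self.dynamic[inside_local]

    def inbound(self, inside_global):
        """Inside local address for a reply, or None when no entry exists."""
        for table in (self.static, self.dynamic):
            for local, glob in table.items():
                if glob == inside_global:
                    return local
        return None

    def end_session(self, inside_local):
        """Discard a dynamic entry and return its address to the pool."""
        glob = self.dynamic.pop(inside_local, None)
        if glob is not None:
            self.free.append(glob)
```

A reply addressed to a pool address with no current entry returns None from inbound(), which is the case where the router has nothing to translate the datagram back to.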
The TCP/IP Guide (http://www.TCPIPGuide.com) Version 3.0 - Version Date: September 20, 2005 © Copyright 2001-2005 Charles M. Kozierok. All Rights Reserved. Not responsible for any loss resulting from the use of this site.