Network Address Translation (NAT)
Ahmed O. Alazzawi

network address translate

How IP (Internet Protocol) addresses are translated through a router
Published on: Mar 3, 2016
Published in: Science      
Source: www.slideshare.net


Transcripts - network address translate

  • 1. Network Address Translation (NAT) Ahmed O. Alazzawi
  • 2. Private Network
      • A private IP network is an IP network that is not directly connected to the Internet
      • IP addresses in a private network can be assigned arbitrarily.
          – Not registered and not guaranteed to be globally unique
      • Generally, private networks use addresses from the following experimental address ranges (non-routable addresses):
          – 10.0.0.0 – 10.255.255.255
          – 172.16.0.0 – 172.31.255.255
          – 192.168.0.0 – 192.168.255.255
  • 3. Private Addresses
      [Figure: hosts H1 to H5 and routers R1 and R2; two private networks that both use 10.0.1.1, 10.0.1.2 and 10.0.1.3, attached to the Internet; public addresses shown: 213.168.112.3, 128.195.4.119, 128.143.71.21]
  • 4. Network Address Translation (NAT)
      • A short term solution to the problem of the depletion of IP addresses
          – Long term solution is IPv6
          – CIDR (Classless InterDomain Routing) is a possible short term solution
          – NAT is another
      • NAT is a way to conserve IP addresses
          – Can be used to hide a number of hosts behind a single IP address
          – Uses private addresses:
              • 10.0.0.0-10.255.255.255,
              • 172.16.0.0-172.31.255.255 or
              • 192.168.0.0-192.168.255.255
  • 5. Network Address Translation (NAT)
      • NAT is a router function where IP addresses (and possibly port numbers) of IP datagrams are replaced at the boundary of a private network
      • NAT is a method that enables hosts on private networks to communicate with hosts on the Internet
      • NAT is run on routers that connect private networks to the public Internet, to replace the IP address-port pair of an IP packet with another IP address-port pair.
  • 6. Basic Operation of NAT
      • NAT device has address translation table
      • One to one address translation
  • 7. IP Masquerading
      • Also called: Network address and port translation (NAPT), port address translation (PAT).
      • Scenario: Single public IP address is mapped to multiple hosts in a private network.
      • NAT solution:
          – Assign private addresses to the hosts of the corporate network
          – NAT device modifies the port numbers for outgoing traffic
  • 8. IP Masquerading [figure]
  • 9. Load Balancing of Servers
      • Scenario: Balance the load on a set of identical servers, which are accessible from a single IP address
      • NAT solution:
          – Here, the servers are assigned private addresses
          – NAT device acts as a proxy for requests to the server from the public network
          – The NAT device changes the destination IP address of arriving packets to one of the private addresses for a server
          – A sensible strategy for balancing the load of the servers is to assign the addresses of the servers in a round-robin fashion.
  • 10. Load Balancing of Servers [figure]
  • 11. Configuring NAT with iptables
      • First example:
          iptables -t nat -A POSTROUTING -s 10.0.1.2 -j SNAT --to-source 128.143.71.21
      • Pooling of IP addresses:
          iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -j SNAT --to-source 128.128.71.0-128.143.71.30
      • ISP migration (-R replaces the rule at the given position in the chain; position 1 is assumed here):
          iptables -t nat -R POSTROUTING 1 -s 10.0.1.0/24 -j SNAT --to-source 128.195.4.0-128.195.4.254
      • IP masquerading:
          iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o eth1 -j MASQUERADE
      • Load balancing:
          iptables -t nat -A PREROUTING -i eth1 -j DNAT --to-destination 10.0.1.2-10.0.1.4
  • 12. NAT Summary
      • NAT provides transparent and bi-directional connectivity between networks having arbitrary addressing schemes
      • NAT eliminates costs associated with host renumbering
      • NAT conserves IP addresses
      • NAT eases IP address management
      • NAT enhances network privacy
  • 13. NAT Limitations
      • Applications with IP-address content
          – Need ALG (Application Level Gateway)
      • Applications with inter-dependent control and data sessions
      • Translation of fragmented FTP control packets
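
Added example (not from the original slides): a minimal Python model of the IP masquerading (NAPT) table from slides 7 and 8, together with the Application Level Gateway that slide 13 says applications with IP-address content need, using FTP's PORT command as the case. The class and function names, the port range starting at 40000 and the sample FTP lines are constructed assumptions; refusing a PORT command that names an address other than the sender's is an added hardening choice.

```python
import re

PUBLIC_IP = "128.143.71.21"   # public address used in the slides' first iptables example

class Napt:
    """Minimal NAPT table: (private ip, private port) <-> public port."""
    def __init__(self, public_ip, first_port=40000):   # port range is constructed
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}      # (priv_ip, priv_port) -> pub_port
        self.back = {}     # pub_port -> (priv_ip, priv_port)

    def map_out(self, priv_ip, priv_port):
        """Public (ip, port) for an outgoing flow; creates the entry on first use."""
        key = (priv_ip, priv_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return self.public_ip, self.out[key]

    def map_in(self, pub_port):
        """Private endpoint for an arriving packet, or None: no entry, packet dropped."""
        return self.back.get(pub_port)

PORT_RE = re.compile(rb"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\r\n$")

def alg_rewrite_port(nat, src_ip, line):
    """FTP ALG step: replace the private endpoint carried inside a PORT command.
    Returns (line_to_forward, length_delta); anything else passes through unchanged."""
    m = PORT_RE.match(line)
    if not m:
        return line, 0
    n = [int(x) for x in m.groups()]
    priv_ip = ".".join(str(v) for v in n[:4])
    # Only open a mapping for the address the command actually came from.
    if any(v > 255 for v in n) or priv_ip != src_ip:
        return line, 0
    pub_ip, pub_port = nat.map_out(priv_ip, n[4] * 256 + n[5])
    new = "PORT {},{},{}\r\n".format(
        pub_ip.replace(".", ","), pub_port >> 8, pub_port & 0xFF).encode()
    return new, len(new) - len(line)
```

The rewritten PORT line is a different length from the original, which is why an ALG also has to adjust TCP sequence and acknowledgement numbers for the rest of the control connection.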
