Network Address Translation the method used to remapping the IP address space of packet to another by changing the network address transformation when they are transmitting through a router. When the network has moved this method is mostly used to avoid the readdressing of the host. These become the essential tool in global address space in ipv4 address. The technique used to hide the address space is IP masquerading which contains the private address behind public address space. to know more about What is a Network Address Translation (NAT) keep reading this article till the end.
BASIC NAT (Network Address Translation)
This is the simplest way of NAT as basic NAT which provides one –to- one translation of IP address.it is also known as one to one NAT. In this type of NAT, the IP address got changed if the IP address contains IP address, IP header checksum, and higher-level checksum. This type of NAT (Network Address Translation) can be used to connect two networks which have a different address.
ONE –TO- MANY NAT
LAN uses one of the built-in private addresses of the subnets. The router in that network contains a private address in the address space. This router is connected with the network using the public address which is provided by the ISP. When the packets are transferred from local networks to the internet, each packet is translated to a form where they can move from private addresses to the public address. The router tracks each data for its active connection. When a reply return to the router, it uses the data connection to determine the private address of the packet. Every IP packets have their source address and destination address. Firstly when the source address is get modified when they are changed from private to public address, after the destination address get changed when public network change to the private network.
METHODS OF TRANSLATION
There are different ways of implementing network address and port translation. IP address information is used by some application protocols to determine the external NAT(Network Address Translation) address. These are used to detect the communication peers, and also to know the type of mapping used. Mainly these are set to know the direct communication path between two clients separated by NAT. STUN (Simple Traversal Of UDP over NAT) protocol is used for this purpose and id developed in 2003 March. This protocol classified NAT into
- Full-cone NAT
- Restricted-cone NAT
- Port- restricted cone NAT
- Symmetric -cone NAT
It is also called as one-to-one NAT. when internal address gets aligned with external address any packet from internal can send to the external address. Likewise, internal packets can receive packets from external host also.
Here packets can be sent through the internal address from external address when internal and external addresses get aligned. If the internal address has sent the packets to the external host previous time, then only the external host can send the packets to the internal address.
Port- restricted cone NAT
Here port numbers are restricted. Once internal and external addresses get aligned they can send packets to each other. Like restricted cone, if the internal address has sent packets previously to external host then the only external host can send packets to the internal address.
Symmetric -cone NAT
Requests from the same internal address and port to a specific destination are aligned to a unique source IP address and port. The external host can receive packets from the internal host and can send packets back.
TYPES OF NAT, Different types of NAT (Network Address Translation) are:-
DNAT (Destination Network Address Translation)
The technique is used to change the destination address of the end routers. The router placed at the end of the routers can perform this technique.
SNAT (Secure Network Address Translation)
The technique is used for tracking and filtering the network connection used for FTP, PPTP, etc. and to analyze the arrangement of the proxy server.
Second Explanation of NAT (Network Address Translation)
Introduction to the NAT(Network Address Translation) concept
The abbreviation for NAT is a network address translation, where it is a service used in the routers or similar network device. Its purpose is to translate the IP addresses to another set of IP addresses.
It transform the private IP address into a public IP address.
And what’s the need to convert these IP addresses?
The cause for having the IP addresses is to help out and conserve the finite amount of IPv4 public IP addresses. The public IP addresses available throughout the world. When IPv4 has created the creators didn’t realize how large the internet crawl all around the world that the whole world work on it and most of the users are using multiple devices like smartphones and laptops. IPv4 is the 32-bit address. Where there are 4billion public IPv4 addresses available the developers thought that these are enough but they are proved to be wrong. So by getting a shortage of public IP versions and addresses, the developers thought and developed the private IP address as the block of it and also the network address translation which is NAT.
Now there are two various types of IPv4 addresses those are,
The public registrations which are done on the internet are regarded as public IP addresses. One must have public IP addresses to go over the internet.
The private IP addresses are different from public IP addresses. These are not registered publicly.
One cannot access directly to the internet with a private IP. These private IP addresses are only used internally such as, inside a home or business.
But they are not used out on the public internet.
The routers are the one which assigns the internal devices to a private IP.
For eg, most homes and businesses do not just have only one device that needs internet access. They usually maintain multiple devices that they are going to connect with the internet.
So these devices will need public IP addresses if they want internet access.
we can ask for additional public IP addresses by contacting and making a request to the internet service providers for all our devices. But because of this, the cost for this will becomes more expensive and unnecessary and importantly wastage of IP addresses. And if we imagine that every device has a public IP address in the world then we would have run out of public IP addresses already.
So instead of happening that, the routers will be assigning the IP addresses which are private to the devices either in a home or in business. If these devices want to connect or access the internet means, That specific device Ip addresses will be translated by the NAT(Network Address Translation) in the router and gets translate to the public IP address which is already been assigned to that unit. This all work is progressed by the NAT by which the set of IP addresses translate to another set of IP addresses.
The transfer is not only from private to public but also the transfer is done from the public to private.
The public to private transfer can be following a procedure as,
for eg, the computer outside the internet ought to communicate with the computer which is in a private network then the public IP address is required to transfer by NAT to the private IP address for that specific computer.
Now, there is a technology of IPv6 which has replaced the NAT(Network Address Translation) and private IP addresses. This IPv6 was introduced in 1995 December.
Which is a new generation of IP addresses called IP version 6.
This makes it possible that every device in the world has its public IP addresses so there is no need for IP address translation.
This is because 340 undecillion IP addresses are capable to produce by IPv6. 340 undecillion is the number that expresses we never run out of IP addresses.
Examples of NAT(Network Address Translation)
There are four computers in a network and one internet connection.
We are going to seeing how the four computers are connected simultaneously to the internet. This is achieved with the help of NAT.
And all four computers are having different IP addresses with them. These IP addresses are different from one computer to another as the IP addresses are the unique way to identify the computer.
Let’s take these four computers’ IP addresses like 10.0.0.1, 10.0.0.2, 10.0.0.3, and 10.0.0.4.
These IP addresses are assigned to the devices are private and these IP addresses are cannot be routed on the Internet. But it means the same IP addresses can be used numerous times on the other networks.
The pc-1 is assigned with a private address of 10.0.01. If this pc1 wants to access the internet the first request will be sent to the router and our router will be converting this private IP address into a public. Along with the conversion, the unique port number will be added to this.
And these all information is stored on the NAT(Network Address Translation) forwarding table after storing the request will be forwarded to the internet. So with the help of the port number easy identification of the device which requested Internet access can be identified. Here the router will be remembering the IP address of the device for the requested packet and providing access for it. And in this way, the port number will help. In return, the router will be receiving a response from the internet, and in a router, it is going to check the NAT forwarding table.
This time the conversion is done from the public IP address into a private IP address.
After the conversion, the packet is sent to the destined pc which is pc1.
Similarly, the pc2, pc3, and pc4 will be following the same process to get internet access or to receive some packets.
Why do we use NAT(Network Address Translation)?
When the internet came into force, the computers on the private network connected to the internet will be working in this procedure.
The unique common public IP address is generated and used by the whole private network computers. These public IP addresses are given and assigned to each computer. On the LAN side
of the gateway, the assignment of the public IP address is also given to it, which is the default one.
And then the assignment of IP address is given on the ISP side which means, internet service provider. Where this is on the WAN side of the gateway which is the default then, each computer is informed about the default gateway IP address.
In this type of structure, all the IP addresses are organized as a public. Because of this traditional arrangement, impediments may arise.
a)Security vulnerability may emerge as IP addresses are public in traditional form. Public IP addresses can make everyone to get access to the pretended private network.
b)As the internet grows faster and still growing more day to day than anyone ever expects with a large number of users IP addresses run hastily.
So, to cover up these drawbacks private IP addresses, and NAT(Network Address Translation) were assisted.
The IPv4 private addresses are classified as classes,
class A is ranging from 10.0.0.0 to 10.255.255.255.
class B is ranging from 172.16.0.0 to 172.31.255.255.
class C is ranging from 192.168.0.0 to 192.168.255.255.
These ranges of IP addresses can be observed in a large organization. For eg, observe the IP address in a computer these IP addresses are also used in some of the putties for the execution of programs in a terminal.
These private addresses are not routable but can be available free to anyone.
Types of NAT (Network Address Translation)
a)Dynamic NAT is also named DMAT. Variance with static SNAT, The DMAT handles more with traffic that is outbound.
The dynamic NAT (Network Address TAdnslation)allows navigating the internal private IP address into the router’s IP addresses.
For eg, whenever the internal host connects to the internet the router would replace the internal private IP address with the first available public IP address from a pool of public IP addresses.
DNAT is also considered as IP masquerading because it covers the internal hosts.
Because of masking, it becomes difficult for hackers for monitoring a certain host.
The DNAT is expensive for the downside as the router can able to maintain the collection of public IP addresses.
b)Static NAT is also addressed as a static network address translation or SNAT. It is one kind of NAT where the private IP address will collaborate with one of the Public IP addresses. There will be no modifications done to the public IP addresses. So we do notify to call it as static NAT.
The static NAT allows a web server like a public host for having a private IP address which is still attainable over the internet. This type of aid is helpful for both external and internal users but it is extravagant for the overpriced public IP addresses. The SNAT copes with more incoming traffic.
c)Port forwarding, this deals with more arriving traffic but it becomes difficult only when one public IP address and several public servers are considered.
d)PAT is a port address translation, it helps to translate the LAN side of each host to the WAN side public IP address of the routers with an assignment of a different port number.
Port numbers have been utilized to draw traffic from a particular host on the network. When an internal host initiates with the external server, its private IP address is exchanged for the router’s public IP address on each packet and integrated with a port number by making each session unique. The traffic which is returning back is swapped back to the routers NAT table to the original host.
The plot of an internal IP address and port numbers to a translated IP address and port numbers enables flawless packet tracking in and out. TCP or IP port numbers values 16 digits.
Working of NAT (Network Address Translation)
The various devices which are having private IP addresses are reaching and connected to the home router. The home router, in turn, connects with the internet.
When we register with ISP, we get an IP address to use and accessible throughout the internet and that is assigned to the home router like 184.108.40.206. And this is the public IP address that rapidly anyone on the internet can send the packet to.
The reserved private IP addresses are 192.168.x.x or 10.x.x.x for private networks.
For getting the information or the data the device first contacts the server to get that information.
To reach the web server, the device connections need to travel from the router through the internet and finally arrive at the server. The data packet is traveled throughout the process which consists of the request. After arriving at the web server the data will process and modulated and in return the packets. The reply packet consists of the sender address but the web server doesn’t know the private IP address. Because the home router will make changes to the address of the sender’s IP while transmitting from a router to the internet.
Now, the reply packet with a public IP address created by the router is transferred and the packet will reach the home router and then to the device.
The device or user doesn’t care about how it reaches it but cares about the information in the packet.
Features of NAT (Network Address Translation)
For all devices in the private network is a localized unit for the internet. This is because the public network only knows the single public IP address of the user’s network but doesn’t know about all the device’s IP address of the private network.
In this way, NAT(Network Address Translation) helps to hide the actual IP addresses of the terminals and the network’s private IP addresses from the external user.
And also this acts as a firewall.
Disadvantages of NAT
As the IP address is the unique ID for recognizing the device, if there is any change or modification is done to the IP address means the troubleshooting for the devices will happen and leads to more complexity.
It blocks some incoming connections.
Some applications like TCP or IP which are in the form of peer-to-peer application and end-to-end IPsec, and multicast routing protocols will not be worked well by the NAT.
Advantages of NAT
NAT helps and allows by giving access to several devices which are unlimited in the private addresses and these numerous devices will be getting access through the single internet connection.
It helps to save our cash without buying multiple internet connections for multiple devices as it provides internet access through a single connection for multiple devices.
It behaves like a firewall by hiding the actual IP address of our internal network from external sources of the public network.
Without the need for any registration of IP addresses, the enterprise can assign these IP addresses to the internal host.
This is expounded in RFC 1631, the obtainable IP addresses are in leisure way of exhausts.
The smaller number of public IP addresses are characterized as many private IP addresses.
This NAT found other applications that are not related to IP address conservation. That NAT(Network Address Translation) application is merged with two firms and the internetworks.
Because of NAT, the lack of IP addresses for the organization is solved.
NAT vs PAT
The basic of NAT is it translates the private local IP address with a public global IP address.
Inside local IPv4 address are 10.0.0.1, 10.0.02.
Inside global IPv4 address 220.127.116.11, 18.104.22.168
This relationship is a superset of PAT.
This uses the IPv4 address.
The conversion of private IP of an network which is internal,to the address of public IP with the assist of port number.
A variant of the NAT.
IPv4 addresses along with the port number.
Security in NAT
If one wants to work on campus network then we need to follow some of the security concerns. We should be often conscious of the following,that the administrator of the NAT device must be supervise the host which is incharge of security problems and observe the actions of the party of that host. If NAT cannot recognize the host or if the host is not recognizable then the administrator must block that host and remove that device completely.
To reduce the drawbacks of NAT (Network Address Translation)devices,
By making logins for NAT device must be adequate and facilitate for identification of particular host. DUe to fewer amount of non-volatile storage on equipments,the unloaded logs are required to a secondary cell like syslog server.
This security need to be seen while associated with many hosts.
To know the hosts the admittance for NAT devices are need to be restricted. The administrator need to handle the technique for identifying those individual hosts.
Summary of NAT (Network Address Translation)
The technology where the public IP address of a router gets exchanged with the private IP address of an internal host is NAT technology. This buildup security for the IP address of the internal host which is hidden. The lifespan will be increased when this technology when it combines with the IPv4 addressing schema and in this process conserves IPv4 addresses.
Download What is a Network Address Translation in pdf – Click here