What Is a NAT Router?
NAT also allows you to display a public IP address while on a local network, helping to keep data and user history private. IT professionals use NAT to secure their data and use several devices under the same IP — and everyone is interested in securing their data.
Getting the right certification helps IT professionals demonstrate their competence and understanding of these complicated subjects. Download the exam objectives to see all the topics covered by this IT certification.
What Is NAT? NAT stands for network address translation. Organizations that want multiple devices to employ a single IP address use NAT, as do most home routers. This form of NAT selects a target from a group of registered IP addresses and maps an unregistered IP address to the registered version. Reverse network address translation (RNAT). RNAT allows users to connect to themselves using the internet or public network.
Overloading network address translation (NAT). In terms of port address translation vs network address translation, PAT is often most cost-effective when many users are connected to the internet through just one public IP address. Overlapping network address translation (NAT). Overlapping NAT can happen either when two organizations whose networks both use RFC IP addresses merge, or when registered IP addresses are assigned to multiple devices or otherwise in use on more than one internal network.
In both cases, the networks need to communicate, and the organization(s) use overlapping NAT to achieve this without readdressing all devices. The NAT router intercepts addresses, and maintains a table of them so that it can replace them with registered unique IP addresses.
The network address translation router must both translate registered external IP addresses to those unique to the private network and translate internal IP addresses to registered unique addresses. In the network address translation context, the internal network, commonly referred to as the stub domain, is usually a local area network (LAN) that uses IP addresses internally.
Most stub domain network traffic is local, remaining inside the internal network. A stub domain may include both unregistered and registered IP addresses. A traditional NAT configuration requires at least one interface on a router (NAT outside); another interface on the router (NAT inside); and a configured set of rules for translating the IP addresses in the packet headers and possibly payloads. In this example of network address translation configuration, IT configures the NAT router as follows.
Whenever a device on the inside with an unregistered (inside, local) IP address needs to communicate with the outside, public network, the router translates those unregistered addresses residing on the private inside network to registered IP addresses. Multiplexing enables a computer to maintain multiple connections with remote computer(s) concurrently using different ports. The header of an IP packet contains:
Source Address. The addresses clarify the two computers at each end, and the port numbers provide a unique identifier for the connection between the two computers. Although there are a possible 65, values here since each port number uses 16 bits, different ports are mapped in slightly different ways, so about 4, available ports is realistic. In contrast to the computer described above in the traditional NAT configuration, this is how stub domain computers might appear to external networks:
IP Address: Some stub domain computers do use dedicated IP addresses. In these situations their IP addresses can pass by the NAT router untranslated if you create an access list of IP addresses that clarifies for the router which network computers require NAT.
A typical address-translation table entry requires about bytes, so for most applications, a router with 4 MB of DRAM is sufficient. These addresses are unregistered, meaning no agency or company can use them on public computers or claim ownership over them. Instead of forwarding unregistered addresses, routers are designed to discard them. Therefore, a packet from an unregistered sending computer address could reach its registered computer destination, but the first router the reply came to would discard it.
To reduce the chance of an IP address conflict, it pays to follow the range for each of the three classes of IP addresses in your internal networking: Because NAT routers appear to be a solo host with a solo IP address to the internet, they are used for small scale industries and home purposes. Address conservation.
Basically, NAT allows a single device, such as a router, to act as an agent between the Internet (or public network) and a local network (or private network), which means that only a single unique IP address is required to represent an entire group of computers to anything outside their network. To configure traditional NAT, you need at least one interface on a router designated NAT outside, another interface on the router designated NAT inside, and a configured set of rules for translating the IP addresses in the packet headers (and payloads, if desired).
The main differences include the different traffic types supported in the implementations. Refer to Cisco Feature Navigator in order to use this tool.
The order in which the transactions are processed using NAT is based on whether a packet is going from the inside network to the outside network or from the outside network to the inside network. Inside to outside translation occurs after routing, and outside to inside translation occurs before routing.
Using NAT, you can establish a virtual host on the inside network that coordinates load sharing among real hosts. In addition to giving users more control over how NAT addresses are used, the Rate-Limiting NAT Translation feature can be used to limit the effects of viruses, worms, and denial-of-service attacks.
Static route entry is configured in the next-hop router and redistributed within the routing network. When the inside global address is matched with the local interface, NAT installs an IP alias and an ARP entry, in which case the router will proxy-arp for these addresses.
If this behavior is not wanted, use the no-alias keyword. When a NAT pool is configured, the add-route option can be used for automatic route injection.
As a result, 10, translations (more than would generally be handled on a single router) consume about 3 MB. Therefore, typical routing hardware has more than enough memory to support thousands of NAT translations. For The current session is not maintained when failure takes place. Encapsulation does not matter for NAT.
There must be an inside and an outside for NAT to function. This can be accomplished through the use of an access list describing the set of hosts or networks that require NAT. All sessions on the same host will be either translated or will pass through the router and not be translated. Access lists, extended access lists, and route maps can be used to define rules by which IP devices get translated. The network address and appropriate subnet mask should always be specified.
The keyword any should not be used in place of the network address or subnet mask. PAT overloading divides the available ports per global IP address into three ranges: , , and It attempts to assign the same port value of the original request, but if the original source port has already been used, it starts scanning from the beginning of the particular port range to find the first available port and assigns it to the conversation.
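The port-selection rule described above can be sketched as a small translation table. This is an added example, not code from the original page or from Cisco; the class and function names are hypothetical, the addresses are documentation/private sample values, and the three port ranges are an assumption taken from Cisco's documented PAT behaviour.

```python
# Simplified PAT (overload) table: one global IP, many inside hosts.
# Assumed ranges; a new port is searched for only inside the range of the original port.
PORT_RANGES = [(0, 511), (512, 1023), (1024, 65535)]

class PatTable:
    def __init__(self, global_ip):
        self.global_ip = global_ip
        self.out = {}   # (proto, inside_ip, inside_port) -> global_port
        self.back = {}  # (proto, global_port) -> (inside_ip, inside_port)

    def _pick_port(self, proto, wanted):
        # Prefer the original source port if no other conversation holds it.
        if (proto, wanted) not in self.back:
            return wanted
        lo, hi = next(r for r in PORT_RANGES if r[0] <= wanted <= r[1])
        # Otherwise scan from the start of that range for the first free port.
        for port in range(lo, hi + 1):
            if (proto, port) not in self.back:
                return port
        raise RuntimeError("no free port left in range %d-%d" % (lo, hi))

    def translate_outbound(self, proto, src_ip, src_port):
        key = (proto, src_ip, src_port)
        if key not in self.out:  # first packet of a conversation creates the entry
            port = self._pick_port(proto, src_port)
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return self.global_ip, self.out[key]

    def translate_inbound(self, proto, dst_port):
        # Returns the inside endpoint, or None when no entry exists (packet dropped).
        # A real router also matches the remote address and port; omitted here.
        return self.back.get((proto, dst_port))

def demo():
    nat = PatTable("203.0.113.10")  # constructed sample address
    a = nat.translate_outbound("tcp", "192.168.1.10", 50000)
    b = nat.translate_outbound("tcp", "192.168.1.11", 50000)  # port collision
    c = nat.translate_outbound("tcp", "192.168.1.10", 50000)  # existing entry reused
    reply = nat.translate_inbound("tcp", b[1])
    unsolicited = nat.translate_inbound("tcp", 8080)
    return a, b, c, reply, unsolicited

if __name__ == "__main__":
    print(demo())
```

The second host asks for a source port that is already taken, so it is given the first free port in the same range, and an inbound packet to a port with no table entry has nowhere to go.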
There is an exception for To define a pool, the configuration command is used: The following example translates between inside hosts addressed from either the In the following example, the goal is to define a virtual address, connections to which are distributed among a set of real hosts. The pool defines the addresses of the real hosts. The access list defines the virtual address. If a translation does not already exist, TCP packets from serial interface 0 (the outside interface) whose destination matches the access list are translated to an address from the pool.
In practical use, the maximum number of configurable IP pools is limited by the amount of available DRAM in the particular router. Cisco recommends that you configure a pool size of Each pool should be no more than 16 bits.