Sunday, February 7, 2016

Network Address Translation (NAT)

Public IP address are rare to find, specially classes A,B & C. Recently IP version 6 introduced to address this problem. However IPV6 adoption is slow and can't practically be helpful in near future. To address this problem network administrators usually use private IP addresses on local networks. Private IP addresses allow computers and other devices on the network to communicate with each other. But the disadvantage of these type of IP addresses is that they are not routable on the Internet. In other words, they are not accessible from outside their private network. For instance, if a device use a local IP address to communicate to a destination on internet, the destination expected to send its reply to source local IP address which it doesn't exist in internet and all replies would be lost. The solution to this problem is Network Address Translation(NAT). NAT devices which usually are firewalls sits at the boundary of local network and internet and they pick all the packets that are arriving or leaving the network. Then it will assign the NAT public address to the packets that are leaving the network and store their private address and assigned public address in NAT table. When a response coming back to NAT from internet, NAT will look up in NAT table and will find the IP address which is the actual recipient of packet on local network and will send the packet to that device.
                                   ,----, 
         ,--.                    ,/   .`| 
       ,--.'|   ,---,          ,`   .'  : 
   ,--,:  : |  '  .' \       ;    ;     / 
,`--.'`|  ' : /  ;    '.   .'___,/    ,'  
|   :  :  | |:  :       \  |    :     |   
:   |   \ | ::  |   /\   \ ;    |.';  ;   
|   : '  '; ||  :  ' ;.   :`----'  |  |   
'   ' ;.    ;|  |  ;/  \   \   '   :  ;   
|   | | \   |'  :  | \  \ ,'   |   |  '   
'   : |  ; .'|  |  '  '--'     '   :  |   
|   | '`--'  |  :  :           ;   |.'    
'   : |      |  | ,'           '---'      
;   |.'      `--''                        
'---'