Overview

The rapid growth of the Internet has astonished most observers. One reason the Internet has grown so quickly is the flexibility of the original design. Without new methods of IP address assignment, this rapid growth would have exhausted the supply of IP addresses. Several solutions were developed to cope with the shortage of addresses; one widely implemented solution is Network Address Translation (NAT).

NAT is a mechanism for conserving registered IP addresses in large networks and for simplifying IP address management. As a packet is routed through a network device, usually a firewall or border router, the source IP address is translated from a private internal address to a routable public IP address. This allows the packet to be transported over public external networks, such as the Internet. The public address in the reply is then translated back to the private internal address for delivery within the internal network. A variation of NAT, called Port Address Translation (PAT), allows many internal private addresses to be translated using a single external public address.

Routers, servers, and other key devices on the network usually require a static IP configuration, which is entered manually. Desktop clients, however, do not require a specific address but rather any address in a range, and that range is typically within one IP subnet. A workstation within a specific subnet can be assigned any address in the range while the other values remain static, including the subnet mask, default gateway, and DNS server. The Dynamic Host Configuration Protocol (DHCP) was designed to assign IP addresses and other important network configuration information dynamically. Because desktop clients typically make up the bulk of network nodes, DHCP is an extremely useful time-saving tool for network administrators.

Students completing this module should be able to:
1.1 Scaling Networks with NAT and PAT
1.1.1 Private addressing

RFC 1918 sets aside three blocks of private IP addresses: one Class A network, 16 Class B networks, and 256 Class C networks. These addresses are for private, internal network use only. Packets containing these addresses are not routed over the Internet.

Public Internet addresses must be registered by a company with an Internet authority, for example ARIN or RIPE. Public Internet addresses can also be leased from an ISP. Private IP addresses are reserved and can be used by anyone, so two networks, or two million networks, can each use the same private address. A router should never route RFC 1918 addresses onto the Internet; ISPs typically configure their border routers to prevent privately addressed traffic from being forwarded.

NAT provides great benefits to individual companies and to the Internet. Before NAT, a host with a private address could not access the Internet. Using NAT, a company can address some or all of its hosts with private addresses and still provide them with access to the Internet.

Web Links
Internet-Legal versus Private Addressing
http://www.unoverica.com/documentation/ucm/mt211ai6.html
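The three RFC 1918 blocks and the border-router behaviour described in this section, as an added example that is not part of the curriculum: a small Python check built on the standard ipaddress module classifies addresses as RFC 1918 or not, confirms the block sizes the text quotes (one /8, sixteen /16s, 256 /24s), and models the forwarding decision a NAT border router makes for a packet leaving the stub network. The pool addresses and sample flows are constructed for this example.

```python
"""RFC 1918 checks and a border-router egress decision.

Added example, not part of the original curriculum. The flows in the
demo at the bottom are constructed for illustration.
"""
import ipaddress

# The three RFC 1918 blocks: one Class A network, sixteen Class B
# networks, and 256 Class C networks.
RFC1918_BLOCKS = (
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
)


def is_rfc1918(address):
    """True only for addresses inside the three RFC 1918 blocks.

    Python's ip_address(...).is_private is deliberately not used here:
    it also matches loopback (127/8), link-local (169.254/16) and the
    documentation ranges, none of which are RFC 1918 space.
    """
    addr = ipaddress.ip_address(address)
    return any(addr in block for block in RFC1918_BLOCKS)


def classful_network_count(block, classful_prefixlen):
    """Number of classful networks (/8, /16 or /24) contained in a block."""
    if classful_prefixlen < block.prefixlen:
        raise ValueError("block is smaller than one classful network")
    return 2 ** (classful_prefixlen - block.prefixlen)


def egress_decision(src, dst):
    """What a NAT border router does with a packet leaving the stub network.

    - private destination: drop, because RFC 1918 addresses are not routed
      over the Internet (the ISP border router would discard it anyway)
    - private source, public destination: translate the source (NAT)
    - public source and public destination: forward unchanged
    """
    if is_rfc1918(dst):
        return "drop"
    if is_rfc1918(src):
        return "translate"
    return "forward"


if __name__ == "__main__":
    for block, plen in zip(RFC1918_BLOCKS, (8, 16, 24)):
        print(f"{block}: {classful_network_count(block, plen)} /{plen} networks")
    # Constructed sample flows (source, destination).
    flows = [
        ("192.168.1.10", "203.0.113.5"),  # private host reaching the Internet
        ("192.168.1.10", "10.9.9.9"),     # private destination must not leave
        ("203.0.113.9", "198.51.100.1"),  # already public, nothing to translate
        ("172.32.0.1", "198.51.100.1"),   # looks private but lies outside 172.16/12
    ]
    for src, dst in flows:
        print(f"{src:>14} -> {dst:<14} {egress_decision(src, dst)}")
```

The 172.32.0.1 flow is included because the Class B block is a /12 (172.16.0.0 through 172.31.255.255), a boundary that is easy to misremember when writing filters by hand.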
1.1.2 Introducing NAT and PAT

NAT is designed to conserve IP addresses and to enable networks to use private IP addresses on their internal networks. These private, internal addresses are translated to routable, public addresses. The translation is performed by internetworking devices running specialized NAT software, and it can increase network privacy by hiding internal IP addresses.

A NAT-enabled device typically operates at the border of a stub network, that is, a network that has a single connection to its neighbor network. When a host inside the stub network wants to transmit to a host on the outside, it forwards the packet to the border gateway router. The border gateway router performs the NAT process, translating the internal private address of the host to a public, externally routable address.

In NAT terminology, the internal network is the set of networks that are subject to translation. The external network refers to all other addresses. Cisco defines the following NAT terms:

Interactive Media Activity (Drag and Drop: Basic Network Address Translation): after completing this activity, the student will be able to identify the IP address translations that occur when using NAT.

Web Links
NAT Frequently Asked Questions
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_q_and_a_item09186a00800e523b.shtml
1.1.3 Major NAT and PAT features

NAT translations can be used for a variety of purposes and can be assigned either dynamically or statically. Static NAT is designed to allow one-to-one mapping of local and global addresses. This is particularly useful for hosts that must have a consistent address that is reachable from the Internet, such as enterprise servers or networking devices. Dynamic NAT is designed to map a private IP address to a public address; any IP address from a pool of public IP addresses is assigned to a network host.

Overloading, or Port Address Translation (PAT), maps multiple private IP addresses to a single public IP address. Multiple addresses can be mapped to a single address because each private address is tracked by a port number. PAT uses unique source port numbers on the inside global IP address to distinguish between translations. The port number is encoded in 16 bits, so the total number of internal addresses that can be translated to one external address could theoretically be as high as 65,536 per IP address. Realistically, the number of ports that can be assigned to a single IP address is around 4000.

PAT will attempt to preserve the original source port. If this source port is already used, PAT assigns the first available port number starting from the beginning of the appropriate port group: 0-511, 512-1023, or 1024-65535. When no more ports are available and more than one external IP address is configured, PAT moves to the next IP address and tries to allocate the original source port again. This process continues until it runs out of available ports and external IP addresses.

NAT offers the following benefits:
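The PAT port-allocation rules just described (preserve the source port, otherwise take the first free port from the start of the same port group, otherwise move to the next inside global address), together with the translation table that section 1.1.2 introduced for the border gateway, as an added example that is not Cisco's implementation or part of the curriculum. The class keeps one translation table and its reverse lookup, so it also shows how a reply arriving at the inside global address is mapped back to the inside host. The address pool and the hosts in the demo are constructed.

```python
"""Simulation of the PAT (NAT overload) port-allocation rules described above.

Added example, not Cisco's implementation. The inside global pool and the
flows used in the demo are constructed for illustration.
"""

# Port groups from which PAT picks a replacement port when the original
# source port is already in use on an inside global address.
PORT_GROUPS = ((0, 511), (512, 1023), (1024, 65535))


def port_group(port):
    """Return the (low, high) bounds of the group a port belongs to."""
    for low, high in PORT_GROUPS:
        if low <= port <= high:
            return low, high
    raise ValueError(f"port out of range: {port}")


class PatTranslator:
    """Translation table of one NAT device with a pool of inside global addresses."""

    def __init__(self, inside_global_pool):
        self.pool = list(inside_global_pool)
        # inside global address -> ports already handed out on that address
        self.used_ports = {ip: set() for ip in self.pool}
        # (inside local, source port) -> (inside global, translated port)
        self.table = {}
        # reverse lookup for replies coming back from the outside
        self.reverse = {}

    def _allocate(self, src_port):
        low, high = port_group(src_port)
        for ip in self.pool:
            used = self.used_ports[ip]
            # 1. try to preserve the original source port
            if src_port not in used:
                return ip, src_port
            # 2. otherwise the first free port from the start of the same group
            for port in range(low, high + 1):
                if port not in used:
                    return ip, port
            # 3. this address has no free port in the group: try the next one
        return None  # pool and ports exhausted

    def translate(self, inside_local, src_port):
        """Outbound packet: return (inside global, port), or None when exhausted."""
        key = (inside_local, src_port)
        if key in self.table:  # an existing flow keeps its mapping
            return self.table[key]
        alloc = self._allocate(src_port)
        if alloc is None:
            return None
        ip, port = alloc
        self.used_ports[ip].add(port)
        self.table[key] = alloc
        self.reverse[alloc] = key
        return alloc

    def untranslate(self, inside_global, port):
        """Inbound reply: map (inside global, port) back to (inside local, port)."""
        return self.reverse.get((inside_global, port))

    def active_translations(self):
        return len(self.table)


if __name__ == "__main__":
    pat = PatTranslator(["203.0.113.1", "203.0.113.2"])  # constructed pool
    for host, sport in [("10.0.0.1", 40000), ("10.0.0.2", 40000), ("10.0.0.3", 1024)]:
        print(f"{host}:{sport} -> {pat.translate(host, sport)}")
    print("reply to 203.0.113.1:1024 belongs to", pat.untranslate("203.0.113.1", 1024))
```

Two hosts that both use source port 40000 show the rule in action: the first keeps 40000 on 203.0.113.1, the second is given 1024, the first free port of the 1024-65535 group. Filling the 0-511 group on the first address and then translating one more flow from that group shows the move to the second inside global address with the original source port preserved again.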