
    NAT: Network Address Translation

    Basic Network Address Translation (Basic NAT) is a method by which IP addresses are mapped from one group to another, transparently to end users. Network Address Port Translation, or NAPT, is a method by which many network addresses and their TCP/UDP ports are translated into a single network address and its TCP/UDP ports. Together, these two operations, referred to as traditional NAT, provide a mechanism to connect a realm with private addresses to an external realm with globally unique registered addresses.

    The need for IP address translation arises when a network's internal IP addresses cannot be used outside the network, either for privacy reasons or because they are invalid for use outside the network. Network topology outside a local domain can change in many ways. Customers may change providers, company backbones may be reorganized, or providers may merge or split. Whenever the external topology changes over time, address assignment for nodes within the local domain must also change to reflect the external changes. Changes of this type can be hidden from users within the domain by centralizing them in a single address translation router. Basic address translation allows hosts in a private network to transparently access the external network and enables access to selected local hosts from the outside. Organizations whose network is set up predominantly for internal use, with a need for occasional external access, are good candidates for this scheme.

    There are limitations to using the translation method. It is mandatory that all requests and responses pertaining to a session be routed via the same NAT router. One way to ensure this is to place the NAT on a border router that is unique to a stub domain, where all IP packets either originate from the domain or are destined to the domain. There are other ways to ensure this with multiple NAT devices.

    The NAT solution has the disadvantage of taking away the end-to-end significance of an IP address and making up for it with increased state in the network. As a result, end-to-end IP network level security as assured by IPSec cannot be assumed by end hosts when a NAT device is en route. The advantage of this approach, however, is that it can be installed without changes to hosts or routers.
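    The NAPT operation described above, and the session state the NAT must keep for it, as an added example that is not part of the original entry or of any vendor's implementation. It assumes a constructed public address (203.0.113.10), a constructed starting port of 40000, and per-session state keyed on both the remote address and port; a packet arriving from outside that matches no stored session is returned as None, which is what the "increased state in the network" costs when it is absent.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, TCP/UDP port)

@dataclass
class Napt:
    """Minimal NAPT: many private (addr, port) pairs behind one public address."""
    public_ip: str
    next_port: int = 40000  # constructed starting point for the public port pool
    # outbound state: (priv_ip, priv_port, remote_ip, remote_port) -> public port
    _out: Dict[Tuple[str, int, str, int], int] = field(default_factory=dict)
    # inbound state: (public_port, remote_ip, remote_port) -> private endpoint
    _in: Dict[Tuple[int, str, int], Endpoint] = field(default_factory=dict)

    def outbound(self, src: Endpoint, dst: Endpoint) -> Tuple[Endpoint, Endpoint]:
        """Rewrite a packet leaving the private realm, creating state on first sight."""
        key = (src[0], src[1], dst[0], dst[1])
        port = self._out.get(key)
        if port is None:
            port = self.next_port
            self.next_port += 1
            self._out[key] = port
            self._in[(port, dst[0], dst[1])] = src
        return (self.public_ip, port), dst

    def inbound(self, src: Endpoint, dst: Endpoint) -> Optional[Tuple[Endpoint, Endpoint]]:
        """Rewrite a reply from outside; None means no session state, so it is dropped."""
        if dst[0] != self.public_ip:
            return None
        private = self._in.get((dst[1], src[0], src[1]))
        if private is None:
            return None  # unsolicited packet: no state, nowhere to deliver it
        return src, private

def demo() -> dict:
    """Constructed traffic: two private hosts reuse the same source port to one server."""
    nat = Napt(public_ip="203.0.113.10")
    web = ("198.51.100.7", 80)
    a_out = nat.outbound(("10.0.0.5", 51000), web)
    b_out = nat.outbound(("10.0.0.6", 51000), web)  # same private port, different host
    reply_a = nat.inbound(web, a_out[0])             # server answers host A's session
    stray = nat.inbound(("198.51.100.9", 443), ("203.0.113.10", 40000))  # no session
    return {"a": a_out, "b": b_out, "reply_a": reply_a, "stray": stray}

if __name__ == "__main__":
    print(demo())
```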

    Protocol Structure

    NAT is an algorithm rather than a structured protocol; there is no packet format of its own to describe.

    Related Terms: IP, IPv4, TCP, UDP, ICMP, FTP, DNS

    Sponsor Source: NAT is defined by IETF (http://www.ietf.org) RFC3022.

    Reference:
    http://www.javvin.com/protocol/rfc3022.pdf: Traditional IP Network Address Translator (Traditional NAT)