What is NAT? How to configure NAT to the Internet?


What is NAT?
This is the abbreviation of the English phrase: Network address translation , roughly translated: Compile the network address .  NAT makes the local network address (Private) accessible to the public network (Public-Internet). The edge router, which connects these two types of networks, is where the NAT technique is implemented.  Simply put, NAT is a technique that allows one or more intra-domain IP addresses to convert to one or more out-of-domain IP addresses.


Should I use NAT?
Features of NAT
The main task of NAT is to transmit packets from one network layer to another in the same system. Specifically, NAT will:
Change the IP address inside the packet
Address passing through routers and network devices.
In the process of packets being transmitted from the internet (public) back to NAT, NAT will perform the task of changing the destination address into an IP address inside the local network and forwarding it. In addition, the feature that helps users secure computer IP information makes NAT also considered a firewall .  For example, when the computer is connected to the Internet when there is a problem, the public IP address (previously configured) will be displayed instead of the local network IP.
Advantages of NAT 
Saving IPv4 addresses: The risk of IPv4 address shortage is very high because the number of users accessing the Internet is gradually increasing. NAT will reduce the number of IP addresses that need to be used.
Helps to hide IP inside LAN.
Share Internet resources: NAT can share Internet connection for many different computers and mobile devices in LAN with only a single public IP address.
Helps network administrators filter incoming packets and approve public IP's access to any port.
Disadvantages of NAT
Affects Internet connection speed : When using NAT technique, CPU will have to check and spend time to change IP address. Address conversion must be performed in the data packets which increases the delay during switching.
Hard to find: NAT has the ability to mask IP addresses in LANs. Therefore, it will be difficult for technicians to check the IP origin or trace the packet.
And also because NAT hides the IP address, it will make it impossible for some applications that need to use the IP.
Some related terms
Private IP Address
Each device in the local network (LAN) of companies, organizations, schools, etc. will have a private IP. Through the router network device, Private IPs in the same LAN system can connect to each other. However, Private IPs cannot connect directly to the outside Internet.  Only when converted to Public IP addresses through NAT technique, Private IPs can connect to the outside Internet. 

Public Address (Public IP) 
Another name for Public IP is Out-of-Domain IP. This is a type of address provided by an authoritative organization such as an Internet network provider.
Inside local address
This is the IP address assigned to a device on the internal network. This address is hardly an address provided by NIC (Network Information Center) or service provider like TinoHost .
Inside global address
This is the IP address registered at the NIC. The inside global address is often used to replace the inside local IP address.
Outside local address
This is the IP address of a device on the external network. Devices on the internal network will find devices on the external network through this IP address.  The outside local address does not have to be registered with the NIC but can be a Private address.
Outside global address
 This is the IP address assigned to a device located on the external network. This address is a valid IP on the Internet. This address is derived from a globally routable address from the network address space.
How to configure NAT to the Internet?
Different NAT types will need to be configured differently. 


Static NAT – Static NAT
Simply put, this is a 1-for-1 NAT method. That is, a fixed IP address in the LAN will be mapped to a fixed Public IP address before the packet goes out to the Internet.  The main purpose of static NAT is to help map an IP in the LAN to a Public IP to hide the source IP before going out to the Internet. This will help reduce the risk of being hacked on the network. You can configure static NAT as follows:

Dynamic NAT - Dynamic NAT
This is a public IP saving solution for static NAT. Dynamic LAN will allow NAT of the entire IP range in the LAN to a fixed Public IP range to the outside, instead of mapping each fixed IP in the LAN to each fixed Public IP. You can configure dynamic NAT as follows:

PAT - NAT Overload 
This is the most used solution especially in ADSL Modems.  The essence of PAT is to combine the Public IP and the port number before going to the Internet. At this time, each IP in the LAN when going to the Internet will be mapped to a Public IP associated with the port number. This solution integrates both advantages of NAT:
Reduce the risk of attacks on the network by hiding the IP address in the internal network before the packet goes to the Internet 
Save IP address space
You can configure NAT Overload as follows:

Frequently asked questions about using NAT
How to distinguish Private IP and Public IP?
Duplicity: Public IP is unique. Meanwhile, Private IP can be duplicated when connected to different Public IPs. 
Customizability: The Public IP address is provided by the Internet provider. Therefore, users cannot arbitrarily change. In contrast, computers in the LAN system can customize IP Private according to the unified principle set forth by the network administrator.
What commands can be used to check the NAT configuration?
To display the active NAT table, use the command: R#show ip nat translation To display the active status of the NAT, use the command: R#show ip nat statistics To delete the NAT table, use the command: R#clear ip nat translation To check the NAT operation, display the NAT switch information by router, use the command: R#debug ip nat Any questions and related suggestions, please contact TinoHost immediately for detailed advice or Fanpage to update the latest information! With more than 5 years of experience in providing hosting, server rental, domain-related services and website security, let TinoHost accompany you on the path to asserting your brand on the public map. Global Technology!

Address: 107 Dong Nai - Vietnam. - Email: services@cmt8.net - Phone: 18001119
Copyright © 2012 - BlogMe. All rights reserved