NAT

Network Address Translation

 

NAT is the process of altering the IP header of a packet so that the destination address, the source address, or both addresses are replaced in the header by different addresses. This swapping process is performed by a device running specialized NAT software or hardware.

 

A NAT enabled device typically operates at the border of a stub domain. A stub domain is a network that has a single connection to the outside world. When a host inside the stub domain, such as 10.1.1.6, wants to transmit to a host on the outside, it forwards the packet to its default gateway. In this case, the host's default gateway is also the NAT box.

 

The NAT process running on the router looks inside the IP header and, if appropriate, replaces the local IP address with a globally unique IP address.

 

When an outside host sends a response, the NAT router receives it, checks the current table of network address translations, and replaces the destination address with the original inside source address. NAT provides tremendous benefits to individual companies and the Internet as well. Before NAT, a host with a private address could not access the Internet. With NAT, individual companies can address some or all of their hosts with private addresses and then use NAT to access the public Internet. At the same time, these hosts connect to the Internet without necessarily depleting its address space.

NAT has several advantages, including the following:

• NAT conserves the legally registered addressing scheme by allowing the privatization of intranets, yet it allows legal addressing scheme pools to be set up to gain access to the Internet.
• NAT also reduces the instances in which addressing schemes overlap. This could occur if a scheme was originally set up within a private network, and the network was connected to the public network (which may use the same addressing scheme). Without address translation, the potential for overlap exists globally.
• NAT increases the flexibility of connection to the public network. Multiple pools, backup pools, and load sharing/balancing pools can be implemented to help ensure reliable public network connections. Network design is also simplified because planners have more flexibility when creating an address plan.
• De-privatization of a network requires the renumbering of the existing network; the costs can be associated with the number of hosts that require conversion to the new addressing scheme. NAT allows the existing scheme to remain, and it still supports the new assigned addressing scheme outside the private network.

 

Le NAT présente un avantage du point de vue de la sécurité. En effet aucun équipement n’est visible depuis l’extérieur du réseau. Tous les paquets sont adressés au routeur qui grâce à sa table redirige les paquets vers le destinataire.