How NAT Works

How NAT Works
Traffic that is sourced on the inside of the network, coming to an interface marked as inside, will
have an inside local address as its source IP address and an outside global address as the destination
IP address, assuming that no inbound translation of outside addresses is being performed.
Notice we said outside
global
. The destination would be considered outside local only if bidirectional
NAT is being performed. Remember to ask where the source device thinks is the location
of the address it is sending to—on the local network or on the other side of the router that
is transparently acting as the NAT server. If the source host thinks it’s talking to a local device,
and the NAT server must step in and provide the smoke and mirrors to make the communication
occur with a device that is actually not local, then and only then is the address referred to
as an outside
local
address.
When that traffic reaches the NAT process and is switched to the outside network, going out
an interface marked as outside, the source IP address will be translated to an inside global
address, and the destination IP address will still be known as the outside global address, as it has
not changed. Figure 3.1 shows the inside/outside and local/global relationship.
When traffic is sourced on the outside of the network, coming to an interface marked as outside,
the source IP address is known as the outside global address, while the destination IP
address is known as the inside global address. When that traffic reaches the NAT process and
is switched to the inside network, going out an interface marked as inside, the source IP address
will still be known as the outside global address, assuming that it was not translated coming in,
and the translated destination IP address will be known as the inside local address. Let’s talk
about some of the advantages to using NAT.