Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : CCSP-Cisco Certified Security Professional : NAT Technology and Terminology

NAT Technology and Terminology

Sep 09,2009 by alperen

small font medium font large font
image

NAT Technology and Terminology

NAT is the process of altering the IP header of a packet, so the source local address of the internal host is replaced in the header by real global addresses. In some cases, the destination address might also be modified. This swapping process is performed by a NAT device, usually on the network perimeter. The NAT server then maintains a table of the translations that allows returning packets to be addressed with the correct internal address. Figure 5-5 is a simple example of NAT where the local hosts (10.0.0.0 private network) are translated by the NAT device to global addresses in the 192.168.1.0 network.

Click To expand
Figure 5-5: NAT translation for inside network 10.0.0.0

When an outside host sends a response to 192.168.1.97 or 192.168.1.98, the NAT router checks the current table of network address translations, and then replaces the destination address with the original inside source address.


 Note 

Obviously, 192.168.1.0 isn’t a globally routable “real” network, but we’ll use only private addresses in all examples for two reasons. The public addresses belong to someone, and the current or future owners might not agree with their use. Second, inevitably, someone will build a “practice” lab like the ones in the book and a slim possibility would exist for impacting the real owners of the address.

Cisco IOS Software uses the following terms when working with NAT. While other implementations might change the terms, the concepts remain the same:

  • Inside local address The configured IP address assigned to a host on the inside network. Quite often, these addresses are drawn from the RFC 1918 private address pools. They could also be real addresses officially assigned to some other organization.

  • Inside global address The inside global address is the translated address. This is the IP address the outside world sees for an inside host. Typically, these addresses are allocated from a pool of real IP addresses provided by the ISP.

  • Outside local address The IP address of an outside host as it appears to the inside network. Because these addresses are only used on the inside network, they might not necessarily be real public addresses. They can be assigned from the RFC 1918 private address pools.

  • Outside global address The configured IP address assigned to a host in the outside network. This address is a real address assigned from the globally routable pool.

NAT translations can occur dynamically or statically, and can be used for a variety of purposes, as described in the following sections.


304 times read

Related news
» NAT Terminology
by alperen posted on Nov 27,2008
» The Elusive Terminology of NAT
by alperen posted on Nov 27,2008
» load distribution steps
by alperen posted on Nov 27,2008
» NAT translating overlapping addresses
by alperen posted on Nov 27,2008
» Overloading Inside Global Addresses
by alperen posted on Nov 27,2008
Did you enjoy this article?
1 2 3 4 5
Rating: 5.00Rating: 5.00Rating: 5.00Rating: 5.00Rating: 5.00 (total 9 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

alperen

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.