Thursday, September 25, 2008

four types of NAT

Got NAT?: Insight - Communications - ZDNet Australia

1. Static
Also known as inbound mapping, static NAT maps an unregistered/nonroutable internal IP address to a registered/routable IP address on a one-to-one basis. The mapping is permanent, so it is used when a network device must be reachable from outside the network; because every inbound packet to the registered address is forwarded, the host should expose only the services you intend and the rest should be filtered by a firewall rule, not by the NAT itself.

Example: Your mail server has an IP address of 10.0.1.5 (a nonroutable IP address on the Internet). Your NAT device translates that address to 202.0.1.5 (a routable IP address).

2. Dynamic
Dynamic NAT maps an unregistered IP address to a registered IP address taken from a pool of registered addresses. Each mapping is still one-to-one, but it is created when an internal host first sends traffic, varies with which pool addresses are free at the time, and is released after the session ends or an idle timeout expires. If the pool is exhausted, new internal hosts cannot communicate until an entry is freed, so the pool must be sized for the number of simultaneously active hosts.

Example: An internal client has an IP address of 10.0.1.150. When this address tries to communicate with an outside network, your NAT device translates it to the first available address in the range of 202.0.1.50 to 202.0.1.100.

3. Overloading
Also known as Port Address Translation (PAT), single-address NAT, or port-level multiplexed NAT, overloading is a type of dynamic NAT that maps many unregistered IP addresses to one registered IP address. It rewrites the source port as well as the source address and keeps a per-session table keyed on the translated port, which is how replies are routed back to the right internal host. This is the form used by almost all home and small-office routers.

Example: Your NAT device translates all internal clients to a single routable IP address, but it assigns each source session a different port before sending it to the destination IP address.

4. Overlapping
Overlapping NAT occurs when the internal IP addresses are routable but used on another network. The NAT device translates these addresses to unique routable addresses before forwarding the communication.

Organisations use this type of NAT when the same routable addresses are used for internal clients in physically different locations, or when the internal range collides with addresses that exist on the other network. Translating packet headers is not enough on its own: internal hosts resolve the remote names to the colliding addresses, so the NAT device usually has to rewrite the addresses inside DNS replies as well (a DNS ALG) so that clients are directed to the translated range.

Example: Your NAT device translates a client with an IP address of 202.0.1.50 (a routable address also used by a different client in a physically different location) to an address in the range of 202.0.2.50 to 202.0.2.100.

Don't worry that implementing NAT will cause a performance decrease on your network. An entry in the address translation table of your router takes about 160 bytes, and a router with only 2 MB of DRAM can process 13,107 simultaneous translations.

This should be sufficient for any small network. Keep in mind that the table grows with concurrent sessions under PAT, not with the number of hosts, and that adding memory to your router helps if you run out of translation entries.

In practice most organisations deploy dynamic NAT, and overloading (PAT) in particular, for their ordinary clients. A side effect of the translation table is that an outside host cannot reach an internal client unless a translation for it already exists, which under PAT means unless the internal client initiated the session. This is often described as a "Layer-3 firewall", but it is not one: the protection comes only from the absence of a mapping. A static entry is reachable at all times, a one-to-one dynamic entry forwards any inbound packet to its registered address for as long as the entry lives, and depending on the device an inbound packet to a mapped PAT port may be accepted from any source, not only the peer the client contacted.

Keeping hostile networks from connecting to your internal clients is a good beginning to securing your network, but it should come from an explicit stateful firewall policy on or in front of the NAT device, not from translation alone.
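The three address-rewriting modes described above, and what each one does with an unsolicited inbound packet, as a toy simulation. This is an example added here, not code from the ZDNet article. Outside addresses reuse the article's 202.0.1.x examples; the remote hosts 198.51.100.9 and 203.0.113.7, the translated-port counter starting at 1024, and the idle-timeout helper are assumptions of the model. Overlapping NAT is left out because it also depends on DNS rewriting.

```python
"""Toy NAT device modelling static, dynamic-pool and overloading (PAT)
translation, plus how each mode treats unsolicited inbound packets.
Added example, not the article's code: all addresses and packets are
constructed here and nothing is sent on the wire."""
from dataclasses import dataclass, replace
import itertools
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatDevice:
    def __init__(self, static=None, pool=None, pat_ip=None):
        # Static: permanent one-to-one map, inside -> outside (and back).
        self.static = dict(static or {})
        self.static_rev = {o: i for i, o in self.static.items()}
        # Dynamic: one-to-one entries borrowed from a pool on first outbound use.
        self.pool_free = list(pool or [])
        self.dyn, self.dyn_rev = {}, {}
        # Overloading (PAT): many inside hosts share pat_ip, told apart by port.
        self.pat_ip = pat_ip
        self.pat, self.pat_rev = {}, {}
        self._ports = itertools.count(1024)  # assumed starting port

    def outbound(self, pkt: Packet) -> Optional[Packet]:
        """Translate an inside->outside packet; None means it cannot be sent."""
        if pkt.src_ip in self.static:
            return replace(pkt, src_ip=self.static[pkt.src_ip])
        if pkt.src_ip in self.dyn:
            return replace(pkt, src_ip=self.dyn[pkt.src_ip])
        if self.pool_free:
            out_ip = self.pool_free.pop(0)  # first available pool address
            self.dyn[pkt.src_ip] = out_ip
            self.dyn_rev[out_ip] = pkt.src_ip
            return replace(pkt, src_ip=out_ip)
        if self.pat_ip is not None:
            key = (pkt.src_ip, pkt.src_port)
            if key not in self.pat:
                port = next(self._ports)
                self.pat[key] = port
                self.pat_rev[port] = key
            return replace(pkt, src_ip=self.pat_ip, src_port=self.pat[key])
        return None  # pool exhausted and no overload address: session fails

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Translate an outside->inside packet; None means it is dropped."""
        if pkt.dst_ip in self.static_rev:
            return replace(pkt, dst_ip=self.static_rev[pkt.dst_ip])
        if pkt.dst_ip in self.dyn_rev:
            # The entry maps the whole address, so any port reaches the inside
            # host while the entry lives: this is not firewalling.
            return replace(pkt, dst_ip=self.dyn_rev[pkt.dst_ip])
        if pkt.dst_ip == self.pat_ip and pkt.dst_port in self.pat_rev:
            # Endpoint-independent filtering: any source may use a mapped port.
            in_ip, in_port = self.pat_rev[pkt.dst_port]
            return replace(pkt, dst_ip=in_ip, dst_port=in_port)
        return None

    def expire_dynamic(self, inside_ip: str) -> None:
        """Simulate an idle timeout: return the pool address for reuse."""
        out_ip = self.dyn.pop(inside_ip)
        del self.dyn_rev[out_ip]
        self.pool_free.append(out_ip)


def demo() -> dict:
    """Run the article's three examples plus the inbound cases; returns results."""
    r = {}
    # 1. Static: the mail server is always reachable at 202.0.1.5.
    nat = NatDevice(static={"10.0.1.5": "202.0.1.5"})
    r["static_out"] = nat.outbound(Packet("10.0.1.5", 25, "198.51.100.9", 25)).src_ip
    r["static_in"] = nat.inbound(Packet("198.51.100.9", 40000, "202.0.1.5", 25)).dst_ip

    # 2. Dynamic: a two-address pool faced with three clients.
    nat = NatDevice(pool=["202.0.1.50", "202.0.1.51"])
    r["dyn_first"] = nat.outbound(Packet("10.0.1.150", 5000, "198.51.100.9", 80)).src_ip
    r["dyn_second"] = nat.outbound(Packet("10.0.1.151", 5000, "198.51.100.9", 80)).src_ip
    r["dyn_exhausted"] = nat.outbound(Packet("10.0.1.152", 5000, "198.51.100.9", 80))
    # An unsolicited probe to a mapped address is forwarded while the entry exists.
    r["dyn_unsolicited"] = nat.inbound(Packet("203.0.113.7", 1234, "202.0.1.50", 22)).dst_ip
    nat.expire_dynamic("10.0.1.150")
    r["dyn_after_expiry"] = nat.inbound(Packet("203.0.113.7", 1234, "202.0.1.50", 22))
    r["dyn_reused"] = nat.outbound(Packet("10.0.1.152", 5000, "198.51.100.9", 80)).src_ip

    # 3. Overloading: every client shares 202.0.1.1, distinguished by port.
    nat = NatDevice(pat_ip="202.0.1.1")
    a = nat.outbound(Packet("10.0.1.150", 5000, "198.51.100.9", 80))
    b = nat.outbound(Packet("10.0.1.151", 5000, "198.51.100.9", 80))
    r["pat_ips"] = (a.src_ip, b.src_ip)
    r["pat_ports"] = (a.src_port, b.src_port)
    # A reply to the session reaches the right client, but a packet for a port
    # nobody mapped is dropped.
    r["pat_reply"] = nat.inbound(Packet("198.51.100.9", 80, "202.0.1.1", a.src_port))
    r["pat_unsolicited"] = nat.inbound(Packet("203.0.113.7", 1234, "202.0.1.1", 22))
    return r


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:18} {v}")
```

The dynamic case is the one worth noticing: while 10.0.1.150 holds 202.0.1.50, a probe from an unrelated host to port 22 of that address is translated straight through, because a one-to-one entry carries no port or peer state. Only the PAT table drops the unsolicited packet, and only because no port was mapped.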
