Learn about NAT configuration (part 2)

NAT can be configured in different ways. For example, it can translate a private IP address (usually an Inside local address) into a public IP address.

In Part 1, Network Administrator introduced the mechanism of NAT (Network Address Translation) and the 4 basic NAT types. In this part, Network Administrator introduces NAT configuration.

Before learning about NAT configuration, learn some of the terms used in NAT, as defined by Cisco:

  1. Inside local address: The IP address assigned to a host on the local network. This is the address configured as a parameter of the computer's operating system or assigned automatically via protocols such as DHCP. This address is not a valid IP address issued by the NIC (Network Information Center) or an Internet service provider.
  1. Inside global address: A valid address issued by the NIC (Network Information Center) or an intermediary service provider. This address represents one or more inside local IP addresses when communicating with the external network.
  1. Outside local address: The IP address of an external network host as it appears to the internal network; internal hosts see the external host through this address. An Outside local address is not necessarily a valid address on the IP network (it may be a Private IP address).
  1. Outside global address: The IP address assigned to a host on the external network by the owner of that host. This address is allocated from the valid IP addresses on the Internet.

To learn more about the operating mechanism of NAT (Network Address Translation), refer here.

NAT can be configured in different ways. In the example below, the NAT router is configured to translate a private IP address (usually an Inside local address) into a public IP address. This applies when a device with a private IP address must communicate with a public IP address.

[Picture 1: Learn about NAT configuration (part 2)]

The ISP assigns a range of IP addresses. This range is a block of valid addresses provided by the intermediate service provider or by the NIC (Network Information Center), also known as Inside Global Addresses.

Private IP addresses are divided into 2 groups. A small group (Outside local addresses) is used by the NAT router. The larger group (Inside local addresses) is used on the Stub Domain.

Outside local addresses are used to translate the unique IP addresses of devices on the Public Network.

Most computers on the Stub Domain communicate with each other using Inside local addresses. In addition, some computers on the Stub Domain communicate with many external addresses (outside the network); if these computers have Inside global addresses, they do not require address translation.

When a computer on the Stub Domain that has an Inside local address wants to communicate with an external network address (outside the network), its packets are sent to a NAT router. The NAT router checks its routing table for an entry for the destination address. If an entry is found, the NAT router translates the packet and creates an entry for it in the address translation table. If the destination address is not in the routing table, the packet is discarded.

The router uses an Inside Global Address to send the packet to the destination address (this is a valid address issued by the NIC or an intermediate service provider, and it represents one or more inside local IP addresses when communicating with external networks).

A computer on the Public Network sends packets to the Private Network. The source address in the packet is an Outside Global Address. The destination address is an Inside global address.

The NAT router looks up the address translation table and finds that the destination address is mapped to a computer on the Stub Domain.

The NAT router translates the Inside Global Address of the packet to the Inside Local Address and sends the packet to the destination computer.

NAT overloading takes advantage of a feature of the TCP/IP protocol, multiplexing, which allows a computer to maintain several simultaneous connections to one or more remote computers using different TCP or UDP ports. An IP packet has a header that contains the following information:

  1. Source Address - The IP address of the sending computer, such as 201.3.83.132.
  1. Source Port - The TCP or UDP port number that the sending computer assigns to this packet, such as Port 1080.
  1. Destination Address - The IP address of the computer receiving the packet, for example 145.51.18.223.
  1. Destination Port - The TCP or UDP port number that the sending computer asks the receiving computer to open, such as Port 3021.

The port numbers ensure that each connection between two computers is unique. Each port number uses 16 bits, which means a port number can take one of 65,536 possible values. In practice, different manufacturers map ports in slightly different ways.
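The outbound and inbound translation steps and the port multiplexing of NAT overloading described above can be traced with a small simulation. This is an added example, not code from the original article or from any router vendor. The `NatRouter` class, the 192.168.1.x inside local hosts, the 203.0.113.10 inside global address and the 40000-40003 port pool are assumptions, and the inbound lookup is keyed on the translated port only.

```python
import ipaddress

class NatRouter:
    """Toy NAT-overload router: inside local hosts share one inside global IP."""

    def __init__(self, inside_global, routes, ports=range(40000, 40004)):
        self.inside_global = inside_global
        self.routes = [ipaddress.ip_network(r) for r in routes]  # routing table
        self.free_ports = list(ports)  # translated source ports still unused
        self.out_map = {}  # (inside local IP, port, proto) -> translated port
        self.in_map = {}   # (translated port, proto) -> (inside local IP, port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port, proto="tcp"):
        """Translate a packet leaving the stub domain; None means discarded."""
        dst = ipaddress.ip_address(dst_ip)
        if not any(dst in net for net in self.routes):
            return None  # destination not in the routing table
        key = (src_ip, src_port, proto)
        if key not in self.out_map:
            if not self.free_ports:
                return None  # every translated port is already in use
            gport = self.free_ports.pop(0)
            self.out_map[key] = gport
            self.in_map[(gport, proto)] = (src_ip, src_port)
        return (self.inside_global, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port, proto="tcp"):
        """Translate a packet from the public network; None means discarded."""
        entry = self.in_map.get((dst_port, proto))
        if dst_ip != self.inside_global or entry is None:
            return None  # no translation entry: unsolicited traffic is dropped
        return (src_ip, src_port, entry[0], entry[1])

if __name__ == "__main__":
    # Constructed addresses: 192.168.1.x inside local, 203.0.113.10 inside global.
    nat = NatRouter("203.0.113.10", routes=["145.51.0.0/16"])
    print(nat.outbound("192.168.1.10", 1080, "145.51.18.223", 3021))
    print(nat.outbound("192.168.1.11", 1080, "145.51.18.223", 3021))
    print(nat.inbound("145.51.18.223", 3021, "203.0.113.10", 40001))
    print(nat.inbound("145.51.18.223", 3021, "203.0.113.10", 40003))
```

Two inside hosts that both pick source port 1080 stay distinguishable because each receives its own translated port, and `in_map` is the record that ties a public address and port seen in external logs back to the inside host.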

The next part from Network Administrator will introduce Dynamic NAT and Overloading NAT.
