NAT
What is NAT?
NAT (Network Address Translation) is a technology that enables multiple devices to share one public IP.
How does NAT work?
DHCP in a NAT router assigns “private IPs”, such as 10.0.0.1 and 10.0.0.2, to devices in the LAN created with NAT.
When the NAT router receives a packet, it uses the “NAT translation table” to translate between private and public addresses and to determine which device the packet should be sent to.
Application
- Addresses the IPv4 address exhaustion problem
- When we use virtual machines in NAT mode, our computer becomes a NAT router
Detail
S-NAT
Definition
Modifies the source IP of the outgoing packets
Example
Packet header
- source IP: 192.168.0.2
- destination IP: 8.8.8.8
If this packet goes through the NAT, the connection is recorded in the table and the source IP is changed to the NAT’s public IP, such as 140.112.91.208.
D-NAT
Definition
Modifies the destination IP of the incoming packets
Example
Packet header
- source IP: 8.8.8.8
- destination IP: 140.112.91.208
This packet is going into the LAN; the NAT looks it up in the table, then changes the destination IP to 192.168.0.2 before sending it inside the LAN.
Hairpin NAT
Definition
When the source IP is a private IP and the destination IP is the public IP of the LAN, this means we are transferring a packet from one internal client to another internal client.
Steps
Step 1: Client Sends Request
The client (192.168.0.2) wants to access 140.112.91.208, which is the public IP of the LAN
Step 2: Router Applies D-NAT
Change the destination IP to the internal server’s private IP (192.168.0.4)
Step 3: Router Applies S-NAT (IMPORTANT)
Change the source IP to the router’s private IP (192.168.0.254)
We want the destination IP of the reply packet to be the router, so we change the source IP of the request packet
Step 4: Server Receives and Replies
The server (192.168.0.4) sends the reply packet to its destination (192.168.0.254), which is the router
Step 5: Router Translates Back
Change the header IPs to
- source IP: 140.112.91.208
- destination IP: 192.168.0.2
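
The five steps above as a small simulation, added here as an illustration and not part of the original notes; it also shows what happens when step 3 is skipped. It assumes a simplified translation table keyed on IP addresses only (real NAT also tracks ports) and a client that drops replies whose source is not the address it contacted; the class and function names are hypothetical.

```python
from dataclasses import dataclass, replace

# Addresses taken from the notes above.
PUBLIC_IP = "140.112.91.208"     # public IP of the LAN
ROUTER_LAN_IP = "192.168.0.254"  # router's private IP
SERVER_IP = "192.168.0.4"        # internal server
CLIENT_IP = "192.168.0.2"        # internal client

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str

class HairpinRouter:
    def __init__(self, snat_enabled=True):
        self.snat_enabled = snat_enabled
        self.table = {}  # translated (src, dst) -> original (src, dst)

    def forward_request(self, pkt):
        if pkt.dst != PUBLIC_IP:
            return pkt                             # not addressed to the public IP
        out = replace(pkt, dst=SERVER_IP)          # step 2: D-NAT
        if self.snat_enabled:
            out = replace(out, src=ROUTER_LAN_IP)  # step 3: S-NAT
        self.table[(out.src, out.dst)] = (pkt.src, pkt.dst)
        return out

    def translate_reply(self, pkt):
        # Step 5: find the request this reply answers and restore its addresses.
        original = self.table.get((pkt.dst, pkt.src))
        if original is None:
            return None
        client, public = original
        return Packet(src=public, dst=client)

def simulate(snat_enabled):
    router = HairpinRouter(snat_enabled)
    request = Packet(CLIENT_IP, PUBLIC_IP)                # step 1
    at_server = router.forward_request(request)
    reply = Packet(src=at_server.dst, dst=at_server.src)  # step 4
    if reply.dst == ROUTER_LAN_IP:
        delivered = router.translate_reply(reply)
    else:
        delivered = reply  # same subnet: goes straight to the client, router never sees it
    # The client only accepts a reply from the address it originally contacted.
    accepted = delivered is not None and delivered.src == request.dst
    return at_server, delivered, accepted

if __name__ == "__main__":
    for enabled in (True, False):
        print("S-NAT enabled:", enabled, simulate(enabled))
```

Without S-NAT the reply arrives with source 192.168.0.4 instead of 140.112.91.208, so the client cannot match it to its request.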