IP Addressing and Subnetting Including IPv6
A clear, comprehensive guide to IP addressing, including technical details on IP message formats and standards.
TABLE OF CONTENTS IP Addressing and Subnetting Including IPv6
How Does NAT Work?
NAT works by modifying individual packets. It modifies (at least) the layer 3 headers to have a new address for the source address, destination address, or both. We'll also see an example where layer 4 headers are modified, as well as the data portion (layer 7).
As we'll see, a few small variations in how the addresses are translated can result in a fairly wide range of behavior and features. We'll also see that for some protocols, it will take a lot more than simply changing the layer 3 addresses for them to function with NAT. There are even protocols that can't function with NAT in place.
The NAT function is usually performed by a router or firewall. It is theoretically possible for a bridge (layer 2) device to do layer 3 address translation, and at least one firewall product on the market functions that way. However, the vast majority of the NAT devices, or software that includes a NAT function, depends on plain IP routing to deliver packets to it. Most NAT devices have an underlying IP routing function.
Network Address Translation (Static)
We'll start with the simplest form of NAT, which is called static, or 1-to-1 translation. This is the most intuitive kind: Simply stated, in static NAT, a particular IP address is changed to another going one way, and changed back going the other way. The change usually is done to the source address for outgoing packets. Figure 4.2 will help clarify this.
Copyright Syngress Media, Inc. 2000 under license agreement with Books24x7
