Introduction to NAT and PAT

Without network address translation (NAT) or port address translation (PAT) you probably wouldn’t be able to access the internet from your computer or at least you’ll be the only one in the house having internet access…in this lesson I want to give you an explanation of why and how we use NAT/PAT for Internet access.

Without network address translation (NAT) or port address translation (PAT) you probably wouldn’t be able to access the internet from your computer or at least you’ll be the only one in the house having internet access…in this lesson I want to give you an explanation of why and how we use NAT/PAT fo



Let’s start with a topology:

nat example network

On the left side we have a computer on our LAN with the IP address 192.168.1.1 connected to a router. From our ISP we got the IP address 4.4.4.4 and there’s a server on the Internet using IP address 1.2.3.4. If our computer send something to the server what would be the source and destination IP address of the IP packet it will send?

without nat incoming packet

The source IP address will be our computer and the destination IP address will be the server as you can see in the IP packet in the picture above.

without nat return traffic

Once our server responds it will create an IP packet specifying the computer’s IP address as the destination and the source IP address will be its own IP address.

Is there anything wrong with this example? No, it’s perfectly fine except for one detail…the IP address of the computer and the IP address on the router are private IP addresses. Private IP addresses are meant for our LANs and public IP addresses are for the Internet.

This time we are going to configure NAT (Network Address Translation) and see what the difference is…

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 654 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

540 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: , ,


Forum Replies

  1. Hello Rene,
    Great video. I have a suggestion please. Can you start doing like a CCIE video series, many people understand better with videos and the way you explain topics is very great and straight forward, i hope you can implement this idea which will be so great. thanks

    Ammar,

  2. Hi Rakesh,

    PAT means port address translation, this doesn’t mean that the source port is always changed though. Take a look at this example:

    How to configure PAT on Cisco IOS Router

    Look for the show ip nat translations command in that lesson. You can see the source ports remain the same, the router will only change these if two hosts happen to pick the same source port number.

    CGNAT stands for Carrier Grade NAT. Some ISPs don’t give their customers public IP addresses anymore but private IP addresses. The ISP will use NAT/PAT to put many customers behind a single public IP address.

    Rene

  3. Hi, and thank you for the reply. I was talking about dynamic NAT, or Static NAT, where you would have a pool of Public IP addresses and a pool of private addresses. In order to use one of the public IP addresses as your new source address, it has to be configured on the router, right? Or can you just have your ISP route you the subnet and they will see the source ip as it get’s NAT’d and know what to do with it.

    I hope this makes more sense, I am not talking about PAT (layer 4) at all.

    Thanks

  4. Please explain what is a bidirectional NAT

  5. Hi Pavan,

    In most NAT/PAT examples, we only translate the source IP address.

    With bi-directional NAT, you can translate both the source and destination IP address at the same time.

    Rene

12 more replies! Ask a question or join the discussion by visiting our Community Forum