Network Address Translation (NAT)
Network Address Translation (NAT) is an internet standard that enables a local area network to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. A NAT maps an entire network to a single IP address. It is necessary when the number of IP addresses assigned by the ISP is less than the total number of computers that need to access the internet. NAT allows one to use the reserved address blocks described in RFC 1918 – Address Allocation for Private Internets. NAT works by inspecting both incoming and outgoing IP datagrams. It then modifies the source or destination address in the IP header to reflect the configured address mapping. NAT supports both static and dynamic mappings of one or more internal and external IP addresses. NAT functionality is common on routers and other gateway devices found at the network boundary. NAT can also be implemented entirely in software. However, NAT cannot provide all the features of a firewall. It is therefore necessary to use it together with firewalls and antivirus software on a server. The main reason NAT was designed was to conserve public Internet address space.
There are several reasons why we may need to use NAT. The most important is to be able to have unique IP addresses for all the computers on the internet. Since the number of available IP addresses is limited, there is a need for a mechanism that minimizes the number of public IP addresses in use.
When a client in a private network contacts a machine in the public network, IP packets destined for that machine are sent out. The packets contain the source IP address and the source TCP or UDP port. When these packets pass through the NAT gateway, they are modified so that they appear to come from the NAT itself. Once the changes have been made, NAT records them, and whenever the return packets arrive, the changes are reversed so that the information is not altered in any way. (Larry, 2003)
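The translation step described above can be modelled in a few lines. This is an added example, not code from any NAT implementation: the `Packet` and `NatGateway` names are hypothetical, the addresses are constructed from documentation ranges, and the model shows the port-translating case in which many private hosts share one public address.

```python
from dataclasses import dataclass, replace
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class NatGateway:
    """Port-translating NAT: private hosts share one public address."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (private ip, private port) -> public port
        self.back = {}  # public port -> (private ip, private port)

    def outbound(self, pkt: Packet) -> Packet:
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out:  # first packet of a flow: record the change
            while self.next_port in self.back:  # skip ports already mapped
                self.next_port += 1
            self.out[key] = self.next_port
            self.back[self.next_port] = key
        return replace(pkt, src_ip=self.public_ip, src_port=self.out[key])

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        # Simplification: only the destination port is checked, not who sent
        # the packet; a stateful firewall would also match the remote endpoint.
        if pkt.dst_ip != self.public_ip or pkt.dst_port not in self.back:
            return None  # nothing recorded for this port: drop
        ip, port = self.back[pkt.dst_port]
        return replace(pkt, dst_ip=ip, dst_port=port)

def demo():
    nat = NatGateway("203.0.113.5")  # constructed sample addresses
    a = nat.outbound(Packet("192.168.1.10", 51000, "198.51.100.7", 443))
    b = nat.outbound(Packet("192.168.1.11", 51000, "198.51.100.7", 443))
    reply = nat.inbound(Packet("198.51.100.7", 443, a.src_ip, a.src_port))
    stray = nat.inbound(Packet("198.51.100.99", 4444, nat.public_ip, 40100))
    other = nat.inbound(Packet("198.51.100.99", 4444, a.src_ip, a.src_port))
    return a, b, reply, stray, other

if __name__ == "__main__":
    print(demo())
```

Two private hosts using the same source port receive different public ports, the reply is restored to the original private address, and a packet to an unmapped port is dropped. The last case shows that this table alone forwards traffic from any sender to a mapped port, which is why the gateway still needs firewall rules.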
The main problem solved by the use of NAT is that there are not enough IP addresses for all the computers in the world.
Every computer should have a unique IP address. The number of IP addresses available is not enough for all the computers across the globe. A mechanism is therefore required to ensure that all computers can be accommodated on the internet. NAT helps to solve this problem of insufficient IP addresses by using one IP address for any particular local area network.
Other problems that NAT solves include:
1. Provides for security: It provides a type of firewall, as it hides the internal IP addresses in the network.
2. It enables a company to use more internal IP addresses. There is no possibility of the IP addresses conflicting with other IP addresses which are used by other companies and organizations. It allows a company to combine multiple ISDN connections into a single internet connection. It helps in proper administration of the computers in the network.
NAT is used by devices that sit between a private network and a public network. NAT takes several forms which include:
Static NAT – This is used for mapping unregistered IP addresses to registered IP addresses on a one-to-one basis. It is very useful when a device is to be accessed from outside the network.
Dynamic NAT – This is used for mapping unregistered IP addresses to registered IP addresses from a group of registered IP addresses.
Advantages of NAT
- Public IP address sharing – It allows many internet hosts to share a single external IP address. This saves money and conserves IP address space.
- The users do not require any support as the inbound connections do not use the public IP addresses.
- Increased security: It improves the level of security in a network as it hides the internal structure of the network.
- When there is one IP address that is attached to the internet, there is no need of replacing the IP address of each and every host on the internal net as NAT accomplishes the whole task.
- Easier expansion – It is easy to add new clients to an existing local network, since the devices on the LAN are addressed privately and there is no need to acquire a public IP address for each of them.
- Greater local control – Administration is easier, as administrators can control the private network and at the same time connect to the internet.
- Greater flexibility in ISP service – Changing from one ISP to another is easier, as you only need to change the public address. The IP addresses of the client machines remain the same.
- Transparent – The implementation of NAT is transparent, as the changes take place in one or a few routers. The other hosts do not need to be changed.
Disadvantages of NAT
- Complexity – It is complex to set up NAT and manage the network. Troubleshooting is also made more difficult by the address substitutions.
- There are some functions that do not work properly in the absence of the real IP address in the client host machines.
- NAT has compatibility issues with certain applications.
- It has poor support for client access.
- The address translation that occurs results in reduced performance.
NAT is a technology with a series of benefits in the networking environment. There are some disadvantages, but these are outweighed by the numerous advantages that come with it. Had NAT technology not existed, all the IP addresses would probably have been exhausted by now, and we would be experiencing IP address clashes that limit the functionality of the affected machines. NAT technology should always be implemented so as to ensure that IP addresses are conserved.
1. François Audet and Cullen Jennings (2007) RFC 4787, Network Address Translation (NAT) Behavioral Requirements for Unicast UDP.
2. G. Van de Velde et al. (2007) RFC 4864, Local Network Protection for IPv6, May.
3. Larry L. Peterson and Bruce S. Davie (2003) Computer Networks: A Systems Approach, Morgan Kaufmann, pp. 328-330.
4. R. Bush and D. Meyer (2002) RFC 3439, Some Internet Architectural Guidelines and Philosophy.