Static NAT: static NAT is a one to one mapping of internal
addresses with the global IP addresses. In network design, static NAT is best
if we are going to host some server inside our network and want it to be
accessible from global internet.
Some of the terminology of NAT worth remembering:
- Inside Local: the host address inside the network that we want to translate
- Outside Local: translated address of the outside hosts, as seen inside their network
- Inside Global: the addresses used to translate the inside addresses
- Outside Global: addresses of outside hosts as seen on the outside
A few more terminologies of NAT:
- Policy based NAT
- Port redirection (one to one mapping for a
single port, also called Static PAT)
- NVIs or NAT virtual interfaces (a newer
method of NAT configuration in which there is no need for inside/outside
definition on an interface. NAT table is maintained on per interface
basis)
I think we have covered enough of the terminology regarding Network
Address translation, now it’s time to practically implement all of the above
concepts for getting a strong technical grasp of above concepts.
For practical implementation of NAT on a Cisco router, follow the
following three steps:
- Designate the interfaces for
inside/outside NAT
- Define an ACL for the local host IPs
- Implemented NAT from the global
configuration mode
In VoIP packets, as it’s not possible to modify the source header, for
this we had to enable some special services of NAT to support SIP or Skinny
protocols etc. there are also some other issues that might arise by changing
the IP in a packet as it will change the packet checksum value, encapsulated data
and hence breaking the meaning of the application.
For an interesting demonstration of NAT, please check http://www.cisco.com/image/gif/paws/6450/nat.swf
URL.
--to be continued--
thanks for the post.
ReplyDelete