CCENT Exam: My Friends NAT and PAT

I have talked previously about ways to delay the huge problem of running out of unique IPv4 addresses by using CIDR and subnetting. IPv6 has so far solved the problem by offering way more than enough usable IP Addresses, but getting everything transitioned over to IPv6 will take a long time, so IPv4 is still heavily in use today and is important to know for the ICND1 Exam.

Now let me introduce my good friends NAT and PAT. They both help us save precious IP Addresses and also provide another layer of security to your network. NAT and PAT work together as a team and are NOT competitors in any way. They provide two different functions, but complement each other. While NAT can stand on its own, PAT, if used, MUST be used in conjunction with NAT.

NAT

NAT stands for Network Address Translation and helps us by allowing computers hidden inside of an internal network to appear as if they are publicly accessible from outside of the network. There are two types of IP Addresses, public and private. Public IP Addresses are used out on the Internet and have to be assigned to you by your ISP. Public IP Addresses are unique, meaning that each IP Address can only be used once. Private IP Addresses can't be routed out to the Internet, and are only designed to work internally on a private network. The most typical private IP Address range is 192.168.0.0.

In order for NAT and PAT to work you must have a router separating your internal network from your external network, which in many cases is the Internet. In this configuration your router acts as a gatekeeper and hides your internal network from the world. NAT and PAT will both be configured on this router.

What NAT does is translate your public IP Address to a private IP Address. As an example of this, your router will translate your external IP Address of 209.85.225.104 to an internal address of 192.168.1.2. Simply by giving all devices on your network a private IP Address you add an additional layer of security. However, this is only a one-to-one translation, meaning that if you have 5 servers on your local network you will need to have 5 external IP Addresses. PAT solves this problem.

PAT

Okay, now let's meet our good friend PAT! PAT stands for Port Address Translation and is really cool because it will allow you to connect multiple computers on your internal network to the Internet using only ONE public IP Address. You can have a web server, an email server, and an ftp server all sharing just one public IP Address. See how this can save many public IP Addresses and further extend the life of IPv4!?!? This is a one-to-many relationship. In order for PAT to keep track of which packets coming from the outside go to which server on the inside, it uses port numbers. Port numbers are a topic for a more in-depth discussion later, but for now know that the default port number for a web server is 80, email server is 25, and ftp is 21.

If we use the same public IP Address as before of 209.85.225.104, all web traffic packet headers have port 80 in them so our router will know to send that traffic to our web server with the IP Address of 192.168.1.2. All traffic with the port number 25 will get sent to our email server with the IP Address of 192.168.1.3. All traffic with the port number 21 will get sent to our ftp server with the IP Address of 192.168.1.4. It’s a pretty simple process, but has helped save millions of IP Addresses!
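
The port-based forwarding described above, modelled as a small Python sketch. This is an added example, not code from the original article; it reuses the article's addresses and ports, while the Packet class, the function names and the client address 198.51.100.7 are assumptions made for illustration.

```python
from dataclasses import dataclass, replace
from typing import Optional

PUBLIC_IP = "209.85.225.104"  # the one public address from the article

# Translation table from the article: public port -> (private IP, private port)
PAT_TABLE = {
    80: ("192.168.1.2", 80),  # web server
    25: ("192.168.1.3", 25),  # email server
    21: ("192.168.1.4", 21),  # ftp server
}

@dataclass(frozen=True)
class Packet:  # hypothetical minimal header: addresses and ports only
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

def translate_inbound(pkt: Packet) -> Optional[Packet]:
    """Outside -> inside: rewrite the destination, or return None to drop."""
    if pkt.dst_ip != PUBLIC_IP:
        return None
    target = PAT_TABLE.get(pkt.dst_port)
    if target is None:
        return None  # no entry for this port: nothing inside is reachable
    return replace(pkt, dst_ip=target[0], dst_port=target[1])

def translate_outbound(pkt: Packet) -> Optional[Packet]:
    """Inside -> outside reply: put the public address back as the source."""
    # This sketch only models replies from the three servers in the table.
    for public_port, (ip, port) in PAT_TABLE.items():
        if (pkt.src_ip, pkt.src_port) == (ip, port):
            return replace(pkt, src_ip=PUBLIC_IP, src_port=public_port)
    return None

if __name__ == "__main__":
    client = ("198.51.100.7", 51000)  # constructed outside client
    for port in (80, 25, 21, 22):     # 22 has no entry and is dropped
        print(port, "->", translate_inbound(Packet(*client, PUBLIC_IP, port)))
```

The outside client only ever sees 209.85.225.104; the private addresses appear solely on the inside leg of each translated packet.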
