Networking
Network Address Translation (NAT)

The University of Findlay's College of Education

When using a TCP/IP network, every computer must have a unique IP address. There are approximately 256^4 IP addresses (about 4 billion). Many of these numbers are in ranges that cannot be used over the Internet (e.g., 10.0.0.0 to 10.255.255.255 = 16 million numbers, all in a private range).

All available real IP addresses have been spoken for since some time in the late 1990s. Even so, the Internet has continued to expand exponentially, due in large part to Network Address Translation, or NAT.

NAT is the ability of one network device to temporarily give a real IP address to a computer with a private IP address. A NAT server is the device that sits between the private network and the real Internet, facilitating Internet communication for the private IP addresses.

A NAT box has two "network" sides. One side has a private address and can communicate with a network of private IP addresses. The other side has one real IP address (or possibly many). The function of the NAT box is to be a relay, handling all the Internet requests for a private network.

When a computer with a private address of 10.10.10.101 needs information from the Internet, the private side of the NAT server receives the request. The NAT server hands the request to the "public" side, and actually goes out on the Internet to retrieve the information. The response comes back to the NAT, and the NAT relays that response back over to the private side, to the computer that requested the information.

If you have a cable modem and a "gateway router", you are using a NAT solution. The gateway router is a NAT box for your home network. For less than $100, one of these gateway routers can provide simultaneous Internet connectivity for several computers.

All DA-Sites use NAT servers. Most use a Cisco PIX box. The early deployment of these PIX boxes was the result of the low number of real IP addresses assigned to each DA-Site. At first each DA-Site was only given 256 real IP numbers. Later that number was increased by about 1000. Still, 1250 real IP addresses for a network with ten times that many computers wasn't a workable solution.

The PIX box is normally configured to use four Class C address ranges (4x256 IP numbers). With that many real IP numbers, the PIX can continuously provide NAT services for all the computers in the entire DA-Site.
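
The relay and the pool of real addresses described above, as an added example (not code from the original page or from any vendor). It models a NAT box that lends one real address per active private host; the class name, the 203.0.113.0/30 pool and the 198.51.100.7 server are constructed for illustration, and only 10.10.10.101 comes from the text.

```python
import ipaddress

class DynamicNat:
    """Toy dynamic NAT: lends one public address to each active private host."""
    def __init__(self, public_pool):
        self.free = [str(a) for a in ipaddress.ip_network(public_pool).hosts()]
        self.out = {}   # private address -> public address on loan
        self.back = {}  # public address -> private address (for replies)

    def outbound(self, src, dst):
        """Rewrite the source address of a packet leaving the private side."""
        if src not in self.out:
            if not self.free:
                return None  # pool exhausted: this host cannot reach the Internet
            public = self.free.pop(0)
            self.out[src], self.back[public] = public, src
        return (self.out[src], dst)

    def inbound(self, src, dst):
        """Rewrite the destination of a packet arriving on the public side."""
        private = self.back.get(dst)
        if private is None:
            return None  # no mapping: unsolicited traffic is dropped
        return (src, private)

    def release(self, private):
        """End a host's loan and return its public address to the pool."""
        public = self.out.pop(private, None)
        if public is not None:
            del self.back[public]
            self.free.append(public)

def demo():
    nat = DynamicNat("203.0.113.0/30")  # constructed pool: two usable addresses
    server = "198.51.100.7"             # constructed Internet host
    results = {
        "request": nat.outbound("10.10.10.101", server),
        "reply": nat.inbound(server, "203.0.113.1"),
        "unsolicited": nat.inbound(server, "203.0.113.2"),
    }
    nat.outbound("10.10.10.102", server)  # takes the last free address
    results["exhausted"] = nat.outbound("10.10.10.103", server)
    nat.release("10.10.10.101")           # address returns to the pool
    results["after_release"] = nat.outbound("10.10.10.103", server)
    return results

if __name__ == "__main__":
    print(demo())
```

The "unsolicited" result shows why a NAT box also acts as a coarse inbound filter: a packet sent to a real address with no current mapping has nowhere to go. The "exhausted" result is the situation a pool smaller than the number of active computers runs into.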