Network Address Translator or Network Address Translation ( NAT ) is the virtualization of Internet Protocol (IP) addresses. NAT helps helps in improving the security and decrease the number of IP addresses needed.
NAT gateways lie between two networks, the one inside and the outside network. Systems in the inside network are usually given local IP’s which usually starts with 192.168.X.X and these IP’s can’t be routed to external networks. Externally valid IP addresses are assigned to the internal gateway to allow the packets to communicate over internet. The NAT gateway makes sure that the traffic going from the inside looks just like the one’s coming from one of the valid external addresses ( for example like 45.62.86.XX). It helps incoming traffic to reach at a valid external address and sends it to the correct internal system. This increases security, since each outgoing and incoming request must go through a translation process which also offers the opportunity to qualify and authenticate incoming data streams and match them to outgoing requests.
NAT reduces the number of globally acceptable IP addresses a company needs, and also in combination with Classless Inter-Domain Routing (CIDR) it has done a lot to extend the useful life time of IPv4. NAT is described in IETF RFC 1631.
The NAT mechanism (or “natting”) is a router feature, and it is often part of a corporate firewall. NAT gateways can be used to map IP addresses in several ways:
- From a local IP address to a global IP address statically;
- From a local IP address to any IP addresses a company may have;
- From a local IP address and a particular TCP port to a global IP address;
- From a global IP address to any of a the pool of local IP addresses available on a round-robin basis.
In some cases, network administrators do not define simple mappings. Instead they define policies that allow gateway device to assign mappings based on the intended destination, or on the protocols being used or on other factors.
A latest role for Network Address Translation is to focus on translating IPv4 addresses to IPv6, and vice versa. This provides integration of IPv4 infrastructure and end-nodes into IPv6 environments, and allow IPv6 services to interact with IPv4 systems.