Contact Sales

With the NAT essentials out of the way, this article is tasked with reviewing some of the more advanced Network Address Translation (NAT) abilities that are used by both power users and businesses every day. So what else can NAT do? Well along with providing a mechanism for internal privately addressed devices to access the public Internet; it can also be configured to allow publicly addressed devices the ability to access privately addressed devices, typically for servers. This article takes a look at these possibilities and how they can be used.

Advanced NAT Topics

While the majority of NAT's deployment is spent providing the common Internet user the ability to access the Internet via a single or small number of public addresses it also is commonly used within businesses to allow access to internally (and privately addressed) servers.

Port redirection

Think about this common situation, a small business has a number of users that need to access the Internet; now this is the common NAT deployment. However along with these users the business maintains an email and web server which are locally managed and kept.

Well one possibility is to give these servers a direct pubic IP address; this is commonly used when a number of public IP addresses are available, but what if the business was only given two public IP addresses? The first address could be used for the access of the business users via Port Address Translation (PAT).

With only a single other address what should the company do?

One option is to buy another IP address from their provider (if available); another option is to use that single public address to access both the email and web servers which are both privately addressed. Using this method the business is able to conserve a public IP address and is able to save them the expense of the additional address. Figures 1 and 2 show this scenario and how it's provided by NAT.

Figure 1

Figure 2

This ability of NAT is also used by many computer gamers; this is because the connection for some of their games benefits from a more direct connection that is not provided by a ‘common' NAT connection. This is why on most consumer grade routers there is an option for port redirection (or port triggering).

Server load balancing

One feature that is commonly used by businesses but not commonly ‘seen' to the user is server load balancing. What server load balancing (SLB) offers is the ability to have a single public IP address serving a number of internal privately addressed servers; this by itself sounds like "normal" NAT, but how SLB differs is that all of the internal servers are configured for the same service and the same port number.

For example, if you are a business that has a large web presence and this presence outweighs the capability of a single web server; one solution is to use SLB and load balance across multiple private servers. SLB redirects new connections between the servers. For example, a connection coming in from device 1 would go to server 1; the next connection from device 2 would go to server 2, and so on. This way the load is spread across the servers allowing them to share the overall load. How NAT comes in, is that it provides the ability to keep track of the different port number translations that are required for SLB to work.

Keep in mind that this is one of the solutions to this situation and not the only one used by businesses on the modern Internet.

Abilities of NAT

The abilities of NAT are really constrained by the imagination of the engineers and developers writing the standards. All of these abilities at this point are offered by most vendors and are deployed by many small and large businesses. The deployment and implementation of IPv6 will make many of the capabilities obsolete as IPv6 was designed with the modern Internet in mind and because of this has many built-in features that enable more efficient operation.

Learn more networking concepts with great Cisco CCNA Exam Prep by CCIE Joe Rinehart.