Nat configuration, Overview, Introduction to nat – H3C Technologies H3C SecPath F1000-E User Manual
Page 442
![background image](https://www.manualsdir.com/files/813036/content/doc442.png)
1
NAT Configuration
Overview
Introduction to NAT
Network Address Translation (NAT) provides a way of translating the IP address in an IP packet header
to another IP address. In practice, NAT is primarily used to allow users using private IP addresses to
access public networks. With NAT, a smaller number of public IP addresses are used to meet public
network access requirements from a larger number of private hosts, and thus NAT effectively alleviating
the depletion of IP addresses.
NOTE:
A private IP address is used only in an internal network, whereas a public or external IP address is used
on the Internet and is globally unique.
According to RFC 1918, three blocks of IP addresses are reserved for private networks:
•
Class A: 10.0.0.0 through 10.255.255.255,
•
Class B: 172.16.0.0 through 172.31.255.255,
•
Class C: 192.168.0.0 through 192.168.255.255.
No host with an IP address in the above three ranges exists on the Internet. You can use those IP
addresses in an enterprise network freely without requesting them from an ISP or registration center.
depicts the operation of NAT.
Figure 1 NAT operation
192.168.1.3
Internet
IP packet 1
Source IP : 192.168.1.3
Destination IP : 1.1.1.2
IP packet 1
Source IP : 20.1.1.1
Destination IP : 1.1.1.2
192.168.1.1
20.1.1.1
IP packet 2
Source IP : 1.1.1.2
Destination IP : 20.1.1.1
IP packet 2
Source IP : 1.1.1.2
Destination IP :192.168.1.3
1.1.1.2
1.1.1.3
Server B
Host
Server A
192.168.1.2
Host
•
A NAT gateway lies between the private network and the public network.
•
The internal host at 192.168.1.3 sends an IP packet (IP packet 1) to the external server at 1.1.1.2
through the NAT gateway.
•
Upon receipt of the packet, the NAT gateway checks the IP header. Finding that the packet is
destined to the external network, the NAT gateway translates the private source IP address