11.2 NAT Operation
11.2.1 NAT functions
NAT can be used to perform several functions. This section describes in detail the operation of the following NAT functions:
  • Translating inside local addresses - This function establishes a mapping between inside local and global addresses.
  • Overloading inside global addresses - You can conserve addresses in the inside global address pool by allowing source ports in TCP connections or User Datagram Protocol (UDP) conversations to be translated. When different inside local addresses map to the same inside global address, the TCP or UDP port numbers of each inside host are used to distinguish between them.
  • TCP load distribution - A dynamic form of destination translation can be configured for some outside-to-inside traffic. When a mapping scheme is established, destination addresses that match an access list are replaced with an address from a rotary pool. Allocation is done on a round-robin basis, and is done only when a new connection is opened from the outside to the inside. All non-TCP traffic is passed untranslated (unless other translations are in effect).
  • Handling overlapping networks - NAT can be used to resolve addressing issues that arise when inside addresses overlap with addresses in the outside network. This can occur when two companies merge and both have duplicate addresses in their networks. It can also occur if you switch ISPs and the address you were assigned by your former ISP is reassigned to another client.
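
The overloading function described above can be modeled as a translation table keyed by protocol and port. The following Python sketch is an added example, not vendor code; the class and method names, the sample addresses, and the policy of keeping the original source port when it is free are assumptions of this model. It shows two inside hosts that use the same source port sharing one inside global address, and an inbound packet with no table entry finding no inside host.

```python
# Added illustration: a minimal model of NAT overload (port address translation).
# Names, addresses and the port-selection policy are constructed for this example.
from typing import Dict, Optional, Tuple

class OverloadNat:
    def __init__(self, inside_global: str, first_port: int = 1024, last_port: int = 65535):
        self.inside_global = inside_global
        self.ports = range(first_port, last_port + 1)
        # (proto, inside local addr, inside local port) -> inside global port
        self.out: Dict[Tuple[str, str, int], int] = {}
        # (proto, inside global port) -> (inside local addr, inside local port)
        self.back: Dict[Tuple[str, int], Tuple[str, int]] = {}

    def _pick_port(self, proto: str, wanted: int) -> int:
        # Model assumption: keep the host's source port if it is free,
        # otherwise take the lowest free port in the configured range.
        if wanted in self.ports and (proto, wanted) not in self.back:
            return wanted
        for port in self.ports:
            if (proto, port) not in self.back:
                return port
        raise RuntimeError("port range exhausted on " + self.inside_global)

    def translate_outbound(self, proto: str, addr: str, port: int) -> Tuple[str, int]:
        key = (proto, addr, port)
        if key not in self.out:               # first packet of a new flow
            gport = self._pick_port(proto, port)
            self.out[key] = gport
            self.back[(proto, gport)] = (addr, port)
        return self.inside_global, self.out[key]

    def translate_inbound(self, proto: str, gport: int) -> Optional[Tuple[str, int]]:
        # Return traffic is mapped back by port; None means no translation exists.
        return self.back.get((proto, gport))

if __name__ == "__main__":
    nat = OverloadNat("203.0.113.5")          # constructed documentation address
    # Two inside hosts open TCP connections from the same source port.
    print(nat.translate_outbound("tcp", "10.1.1.1", 5000))
    print(nat.translate_outbound("tcp", "10.1.1.2", 5000))
    for gport in (5000, 1024, 4444):          # 4444 has no table entry
        print(gport, "->", nat.translate_inbound("tcp", gport))
```

The reverse table is also what allows a flow seen on the outside to be attributed to an inside host, so long as the entry (or a log of it) still exists.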