|
The Figure illustrates NAT operation when a single inside global address can be used to represent multiple inside local addresses simultaneously. In this example, an extended translation entry table is used. In the table, the combination of address and port makes each global IP address unique. The use of ports to make an address unique is actually Port Address Translation (PAT), which is a subset of NAT.
The steps in the following list correspond to the numbered NAT operation steps in the Figure:
1. User at host 10.1.1.1 opens a connection to host B.
2. The first packet that the router receives from 10.1.1.1 causes the router to check its NAT table. If no translation is found, the router determines that address 10.1.1.1 must be translated. The router allocates a new address and sets up a translation of the inside local address 10.1.1.1 to a legal global address. If overloading is enabled and another translation is active, the router will reuse the global address from that translation and save enough information to be able to distinguish it from the other translation entry. This type of entry is called an extended entry.
3. The router replaces the 10.1.1.1 inside local IP address with the selected inside global address, 192.168.2.2, and forwards the packet.
4. Outside host B receives the packet and responds to that node using the inside global IP address 192.168.2.2.
5. When the router receives the packet with the inside global IP address, the router performs a NAT table lookup using the inside global address and port number, and the outside address and port number as the references. The router then translates the address to the 10.1.1.1 inside local address and forwards the packet to 10.1.1.1. Host 10.1.1.1 receives the packet and continues the conversation. For each packet, the router performs Steps 2 through 5.
|
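The extended-entry lookup in Steps 2 through 5 can be modeled in a few lines. This is an added example, not code from the original page or from any router implementation. Host B's address, the second inside host 10.1.1.2, the port numbers, and the policy of keeping the original source port when it is free are assumptions made for illustration.

```python
# Added example: minimal model of a PAT (NAT overload) extended translation table.
INSIDE_GLOBAL = "192.168.2.2"  # inside global address used in the text


class PatTable:
    def __init__(self, global_ip=INSIDE_GLOBAL, first_port=1024):
        self.global_ip = global_ip
        self.first_port = first_port  # assumed start of the dynamic port range
        self.out = {}      # (proto, inside local, outside) -> inside global
        self.back = {}     # (proto, inside global, outside) -> inside local
        self.used = set()  # (proto, global port) pairs already allocated

    def outbound(self, proto, src, dst):
        """Steps 2-3: find or create the extended entry, rewrite the source."""
        key = (proto, src, dst)
        if key not in self.out:
            # Assumed policy: keep the source port if free, otherwise take the
            # next unused port so entries sharing the address stay distinct.
            candidates = [src[1], *range(self.first_port, 65536)]
            port = next((p for p in candidates
                         if (proto, p) not in self.used), None)
            if port is None:
                raise RuntimeError("no free ports on the inside global address")
            self.used.add((proto, port))
            self.out[key] = (self.global_ip, port)
            self.back[(proto, (self.global_ip, port), dst)] = src
        return self.out[key], dst

    def inbound(self, proto, src, dst):
        """Step 5: look up by inside global addr:port and outside addr:port."""
        inside_local = self.back.get((proto, dst, src))
        if inside_local is None:
            return None  # no matching extended entry: nothing to translate to
        return src, inside_local


def demo():
    nat = PatTable()
    host_b = ("203.0.113.25", 80)  # constructed address for outside host B
    a = nat.outbound("tcp", ("10.1.1.1", 1024), host_b)
    b = nat.outbound("tcp", ("10.1.1.2", 1024), host_b)  # constructed 2nd host
    reply_a = nat.inbound("tcp", host_b, a[0])
    reply_b = nat.inbound("tcp", host_b, b[0])
    # A packet from an outside host with no entry does not match any translation.
    stray = nat.inbound("tcp", ("198.51.100.7", 80), a[0])
    return a[0], b[0], reply_a[1], reply_b[1], stray
```

Both inside hosts share 192.168.2.2 and are told apart only by the translated port, and a packet whose outside address and port match no entry is not translated to any inside host.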