11.2 NAT Operation
11.2.4 Overloading inside global addresses

The Figure illustrates NAT operation when a single inside global address can be used to represent multiple inside local addresses simultaneously. In this example, an extended translation entry table is used. In the table, the combination of address and port makes each global IP address unique. The use of ports to make an address unique is actually Port Address Translation (PAT), which is a subset of NAT.

The steps in the following list correspond to the numbered NAT operation steps in the Figure:

  1. User at host 10.1.1.1 opens a connection to host B.

  2. The first packet that the router receives from 10.1.1.1 causes the router to check its NAT table. If no translation is found, the router determines that address 10.1.1.1 must be translated. The router allocates a new address and sets up a translation of the inside local address 10.1.1.1 to a legal global address. If overloading is enabled and another translation is active, the router will reuse the global address from that translation and save enough information to be able to distinguish it from the other translation entry. This type of entry is called an extended entry.

  3. The router replaces the 10.1.1.1 inside local IP address with the selected inside global address, 192.168.2.2, and forwards the packet.

  4. Outside host B receives the packet and responds to that node using the inside global IP address 192.168.2.2.

  5. When the router receives the packet with the inside global IP address, the router performs a NAT table lookup using the inside global address and port number, and the outside address and port number as the references. The router then translates the address to the 10.1.1.1 inside local address and forwards the packet to 10.1.1.1. Host 10.1.1.1 receives the packet and continues the conversation. For each packet, the router performs Steps 2 through 5.
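The following sketch models Steps 2 through 5 as an extended translation table. It is an added example, not part of the original material or any router's code: the `PatRouter` class, the outside addresses, and the rule of keeping the source port when it is free are assumptions made for illustration.

```python
from itertools import chain
from typing import NamedTuple, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)

class Entry(NamedTuple):    # one extended translation entry
    proto: str
    inside_local: Endpoint
    inside_global: Endpoint
    outside: Endpoint

class PatRouter:
    """Simplified model of NAT overload (PAT) on a single inside global address."""
    def __init__(self, global_ip: str):
        self.global_ip = global_ip
        self.by_local = {}       # (proto, inside local, outside) -> Entry
        self.by_global = {}      # (proto, inside global, outside) -> Entry
        self.ports_used = set()  # (proto, global port) pairs already allocated

    def outbound(self, proto: str, src: Endpoint, dst: Endpoint) -> Endpoint:
        """Steps 2-3: find or create the entry, return the translated source."""
        entry = self.by_local.get((proto, src, dst))
        if entry is None:
            # Assumption: keep the host's source port if free, else take the next free one.
            candidates = chain([src[1]], range(1024, 65536))
            port = next(p for p in candidates if (proto, p) not in self.ports_used)
            self.ports_used.add((proto, port))
            entry = Entry(proto, src, (self.global_ip, port), dst)
            self.by_local[(proto, src, dst)] = entry
            self.by_global[(proto, entry.inside_global, dst)] = entry
        return entry.inside_global

    def inbound(self, proto: str, src: Endpoint, dst: Endpoint) -> Optional[Endpoint]:
        """Step 5: look up by inside global address/port and outside address/port."""
        entry = self.by_global.get((proto, dst, src))
        return entry.inside_local if entry else None  # None: no entry, not translated

def demo():
    router = PatRouter("192.168.2.2")
    host_b = ("203.0.113.20", 23)  # constructed outside address for host B
    a = router.outbound("tcp", ("10.1.1.1", 1024), host_b)
    b = router.outbound("tcp", ("10.1.1.2", 1024), host_b)  # same source port as a
    reply_a = router.inbound("tcp", host_b, a)
    reply_b = router.inbound("tcp", host_b, b)
    # Constructed packet from an outside host that has no translation entry.
    stray = router.inbound("tcp", ("198.51.100.9", 23), a)
    return a, b, reply_a, reply_b, stray
```

Both inside hosts appear to host B as 192.168.2.2 and differ only by port, so mapping an externally observed connection back to an inside host requires the translation entry (or a log of it) that was active at that time.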