Index of Related Posts:
1. Interviewing for an IT Job
2. What You Need to Know When Interviewing For a Job in IT
3. What to Expect When Going Through the Technical Interview
4. What You Should Know about Headhunters and Recruiters
5. Tips for Networking Success
6. 5 Tips for Successful Webcam Interviews
7. The Basics of Troubleshooting – Part 1 – Ping
8. The Basics of Troubleshooting – Part 2 – Traceroute
9. The Basics of Troubleshooting – Part 3 – Firewalls
10. The Basics of Troubleshooting – Part 4 – NAT
11. The Basics of Troubleshooting – Part 5 – PAT
12. The Basics of Troubleshooting – Part 6 – 1:1 NAT
13. The Basics of Troubleshooting – Part 7 – Port Forwarding
Last week I explained how firewalls work and today I am going to explore Network Address Translation (NAT). If you are going to support any IT infrastructure, you will need to understand how NAT works, as NAT is virtually present on all Internet Protocol (IP) computer networks: in our home networks and corporations.
What is Network Address Translation?
Hold your horses!
Before we start talking about NAT, we need to understand a few things.
Every device connected to an IP computer network needs to have an IP address so that other devices can locate it.
By now I am assuming that you know what an IP (Internet Protocol) address is and that they are represented by notations such as 126.96.36.199.
Actually, there is more to it.
When the Internet Protocol was designed, IP addresses were defined as 32-bit numbers, formed by 4 octets (0.0.0.0 – 255.255.255.255). This is known as IP Version 4 (IPv4).
As you can imagine, by having only 4 octets, the number of available IP address is limited – maximum of 4,294,967,296 addresses. In reality this number is lower, as not all IP addresses are routable (read below).
With the fast growth of the Internet, IP address spacing became a major concern, as millions of devices need IP addresses to join this immense computer network. In 1995 the next generation of Internet Protocol was announced and named the Internet Protocol Version 6 (IPv6).
IPv6 was a result of the redesign of the Internet Protocol and increased the address size from 32 to 128-bit – 16 octets. This new addressing schema allows for potential total of 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. Yes, that is right!
Differently from IPv4 addresses, IPv6 addresses are represented by eight groups of hexadecimal (base-16) numbers separated by colons, such as FE80:0000:0000:0000:0202:B3FF:FE1E:8329.
I am not going to get into the details about IPv6 and its deployment worldwide. I am going to focus on IPv4, because it is still prevalent and most likely what you are going to be troubleshooting when dealing with networking issues.
Public IP Addresses
A public IP address is an address that is routed and can be accessed over the Internet. Think of a public IP address as a unique identifier that allows for devices to communicate to each other over the Internet.
Until 1998, the Network Information Center (NIC), also known as InterNIC was responsible for assigning public IP addresses to organizations, such as Internet Service Providers (ISPs).
Currently, the Internet Assigned Numbers Authority (IANA), which is a department of the Internet Corporation for Assigned Names and Numbers (ICANN), is responsible for assigning public IP addresses
Although every device connected to an IP computer network needs an IP address to communicate to other devices, not all devices need to communicate with the Internet.
Think about a printer in your office. Your computer needs to find the printer on the network by its IP address so that it can send the print jobs directly to the printer. That printer needs to communicate with other computers in your LAN (Local Area Network), however the printer does not need to communicate with devices on the Internet.
Now, think about what I wrote about the exhaustion of IP addresses due to the growth of the Internet. Can you imagine if we tried to connect every single IP device in the world to the Internet? We would not have enough IP addresses, right?
So three ranges of IPv4 addresses were reserved for private networks. That is IP addresses that are not routed on the Internet.
The ranges reserved by the Internet Assigned Numbers Authority (IANA) for private networks are:
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255
If you want to learn more, check out the RFC 1918.
Do these IP address ranges look familiar? Most of the routers for home use come pre-configured with 192.168.0.0 as their LAN network.
So why am I talking about IPv4 and private address ranges?
Because if you are going to do any troubleshooting related to networking, most likely you will have to deal with private addresses and it is imperative that you understand how they are routed to the Internet.
Now we are getting close to today’s topic.
Network Address Translation (NAT)
NAT is basically the translation of an IP address used within one network to a different IP address on another network.
Look at the picture below. Does it look familiar?
It should be.
Most of us will have a setup like this at home. Our computer is connected to a cable modem or router, which in turn is connected to our ISP.
Now look at the PC that has an IP address of 192.168.1.10.
That is a private IP address. It cannot be routed on the Internet, remember?
Fortunately, we have a router, which using Network Address Translation (NAT), can route traffic between our PC and the Internet.
Let me explain.
When your computer wants to access a device (or website) on the Internet, it sends packets to your local router addressed to its destination (e.g. a web server) on the Internet.
The router knows your IP address is a private address and that it needs to be the “middle man” between your computer and the device on the Internet.
So the router sends the request to the device on your computer’s behalf, and when the device replies back to the router, it knows it has to deliver the data to your computer.
It sounds simple, right? Actually, there are a lot of complexities when doing that.
Also, think about all the other devices on the LAN that are not only communicating to each other but also, possibly, making other requests to devices on the Internet.
Here is a simplistic break down of what the router is doing with NAT:
- Identifying which LAN device created the request.
- Contacting the target device on Internet.
- Receiving the data.
- Delivering the data to the correct device in the LAN.
The device on the Internet only sees your router as the source of traffic.
What that means is that you can have a hundred computers behind the router and to the device on the Internet there is only one source IP address, in this case 188.8.131.52.
Please note that I used a router for this example, but most likely you will encounter a firewall at the perimeter between the LAN and WAN (the Internet). Firewalls do NAT.
It is also important to understand that there are different types of NAT:
- One-to-One NAT
- One-to-Many NAT (Example above)
- Port Address Translation (PAT)
- IP masquerading
- NAT Overload
Each type of NAT has its own complexities, applications, advantages and drawbacks. I intend to address the various types of NAT in future posts.
It is very important to understand the limitations of IPv4, what has driven the design on IPv6 and why and how NAT is used on IP networks. I highly recommend you to check out some of the resources below
Below is a list of links to important concepts and information that you should be familiar with.
Local Area Network (LAN) – http://en.wikipedia.org/wiki/LAN
Wide Area Network (WAN) – http://en.wikipedia.org/wiki/Wide_area_network
Fully Qualified Domain Name (FQDN) – http://en.wikipedia.org/wiki/FQDN
Domain Name System (DNS) – http://en.wikipedia.org/wiki/DNS
Uniform Resource Locator (URL) – http://en.wikipedia.org/wiki/URL
Router – http://en.wikipedia.org/wiki/Router_(computing)
Network Switch – http://en.wikipedia.org/wiki/Network_switch
Firewall – http://en.wikipedia.org/wiki/Firewall_(computing)
Ping – http://en.wikipedia.org/wiki/Ping_(networking_utility)
Nslookup – http://en.wikipedia.org/wiki/Nslookup
Traceroute – http://en.wikipedia.org/wiki/Traceroute
Ping-of-Death – http://www.cert.org/advisories/CA-1996-26.html
Denial-of-Service (DoS) Attack – http://en.wikipedia.org/wiki/Denial-of-service_attack
Network Address Translation (NAT) – http://www.cisco.com
In my next article, we are going to talk about Port Address Translation (PAT).