NAT and PAT (part 1)

This lesson introduces Network Address Translation (NAT) and Port Address Translation (PAT). NAT allows a private IP address to be translated to a public address and vice versa. It is performed via static, dynamic and overloading NAT. PAT is overloading NAT and translates based on IP and port.
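The three translation modes named above, as an added example that is not part of the original lesson: a toy translation table in Python showing static NAT, dynamic NAT from a pool, and PAT, plus what happens to inbound traffic with no mapping. The `NatRouter` class, the fall-through order (static, then pool, then PAT) and the pool and port values are assumptions made for illustration; the static and PAT addresses follow the lesson's spoken example.

```python
import ipaddress

class NatRouter:
    """Toy model of static NAT, dynamic NAT and PAT (illustrative, hypothetical)."""

    def __init__(self, static_map, pool, pat_ip, first_port=1024):
        self.static = dict(static_map)   # private IP -> public IP, fixed one-to-one
        self.free_pool = list(pool)      # public IPs leased on demand
        self.dynamic = {}                # private IP -> leased public IP
        self.pat_ip = pat_ip             # single public IP shared by many hosts
        self.next_port = first_port      # next unused public port for PAT
        self.pat_out = {}                # (private IP, private port) -> public port
        self.pat_in = {}                 # public port -> (private IP, private port)

    def outbound(self, src_ip, src_port):
        """Rewrite the source of a packet leaving the private network."""
        if not ipaddress.ip_address(src_ip).is_private:
            raise ValueError("source is already a public address")
        if src_ip in self.static:                    # static NAT
            return self.static[src_ip], src_port
        if src_ip in self.dynamic:                   # existing dynamic lease
            return self.dynamic[src_ip], src_port
        if self.free_pool:                           # dynamic NAT: take from pool
            self.dynamic[src_ip] = self.free_pool.pop(0)
            return self.dynamic[src_ip], src_port
        key = (src_ip, src_port)                     # pool exhausted: overload (PAT)
        if key not in self.pat_out:
            self.pat_out[key] = self.next_port
            self.pat_in[self.next_port] = key
            self.next_port += 1
        return self.pat_ip, self.pat_out[key]

    def inbound(self, dst_ip, dst_port):
        """Rewrite the destination of a packet arriving from the Internet."""
        for priv, pub in list(self.static.items()) + list(self.dynamic.items()):
            if pub == dst_ip:
                return priv, dst_port
        if dst_ip == self.pat_ip and dst_port in self.pat_in:
            return self.pat_in[dst_port]
        return None   # no mapping exists, so the packet reaches no private host

def demo():
    # Sample values: static pair and PAT address from the lesson, pool constructed.
    r = NatRouter({"192.168.1.11": "174.16.100.11"}, ["174.16.100.12"], "17.20.53.200")
    return [r.outbound("192.168.1.11", 80), r.outbound("192.168.1.20", 5000),
            r.outbound("192.168.1.17", 5000), r.outbound("192.168.1.18", 5000),
            r.inbound("17.20.53.200", 1025), r.inbound("17.20.53.200", 9999)]
```

Under PAT the two hosts using the same private port 5000 are told apart only by the public port the router assigned, and a packet to a public port with no table entry is not forwarded to any private host.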

Time: 31 hours 29 minutes
Difficulty: Beginner
CEU/CPE: 30

Video Transcription
00:04
So we talked earlier about the difference between public and private IP addresses. Private IP addresses are addresses that are assigned to computers within our network, inside our network, that are not routable. We can't pass a packet
00:18
addressing a private IP address over the Internet. We can't use a private IP address all over the Internet.
00:24
Then we have public IP addresses. Public IP addresses are globally routable; we can route those all over the Internet. Now, our workstations or devices inside our network are going to have private IP addresses, number one because if every single device had a public IP address, we would have long since run out of public IP addresses,
00:41
and number two because this keeps our network a little bit more secure.
00:45
We can't. We don't have devices that have globally routable addresses so anyone can just try, go through a series of IP addresses that are globally routable, and connect directly to our device. They'll need to connect through us to us through a public IP address, and then to our private IP address.
01:03
Typically our router will have an
01:06
out-facing public IP address that can be connected to over the Internet. And then that will be where, at the router, it passes that information on to us privately. So how does the router do that? How do we connect over the Internet to web servers that have private IP addresses but connect to them with the public IP address?
01:26
Well, that's what network address translation allows us to do. Now, network address translation allows our routers to translate a private IP address to a public IP address and back again. This is performed through a couple of different ways. We have static NAT,
01:44
dynamic NAT, and overloading NAT, which we'll talk about more in depth, known as
01:48
port address translation.
01:49
Now, static NAT is one private IP address to one public IP address and back again.
01:57
So if we are trying to access a Web server over the Internet, then we have our work station,
02:05
and our workstation has a private IP address. So we'll say 192.168.1.17,
02:14
and we connect over to a router, and now this is our router or the one that we were given by our Internet service provider, and it has an IP address facing us of 192.168.1.1. That's its private address that we connect to.
02:32
Our router also has a public-facing address that it sends information out of,
02:38
and we're going to say that public address is 190... uh,
02:43
sorry about that.
02:44
We're going to say that public address is 17.20.53.200. That is our public-facing IP address. That public-facing IP address can connect to the Internet
03:00
and which in turn,
03:02
will connect over to a different router where we're trying to get to, whose IP address is 174.16.100.11. That's that other router's public-facing IP address,
03:21
which then in turn may connect to a Web server
03:24
with a private IP address of 192.168.1.11, and then the private address on the router is 192.168.1.1. So that's our connection through our Internet here with our workstation on one end and the server on another end. Now,
03:50
if we notice, our private address schemes for our network and the server's network are the same. We're both using a
03:58
class C private address, 192.168.1.whatever, and they're using the same on their network. This is because as long as those addresses are inside a router or inside their own private network, they can be those private IP address classes because they're not going to be routed,
04:16
and they could be the same. We can have multiple networks all over the world
04:20
with the same private address, private address scheme, because that private address scheme isn't going to go anywhere. It's only the public addresses that have to be unique.
04:31
Now
04:32
our computer needs to send a request to this Web server over here.
04:36
And this web server is set up with its router with static NAT.
04:42
So this router knows that if anyone sends a web request
04:46
to 174.16.100.11,
04:54
that it's going to pass that web request, it's going to translate that request to a request to 192.168.1.11.
05:02
So
05:04
for all intents and purposes, our server has been assigned
05:10
174.16.100.11.
05:15
That's the address, that public address, that's been assigned to it. And when the response comes back to our router,
05:21
our router isn't broadcasting our workstation's public IP address over the network to the web server. The web server is talking back to our private, our public address, which our router is then translating to our private address.
05:38
So this one-to-one translation means that each public address is assigned a private address inside on a router. Each public interface address is assigned a private address on our network.
05:49
Now this is great, and it's very straightforward, but it requires that we have to manually set each request. And sometimes we may not want to do this. Maybe sometimes for load balancing purposes or just for equal distribution of requests,
06:04
we don't want to have static requests set because maybe we have a couple of different web servers and we want to load balance their requests.
06:12
So this is where dynamic NAT comes into play. Now, dynamic NAT is going to map addresses from a pool. So for dynamic NAT, we may have
06:24
three different web servers. We may have a couple of web servers that will each be assigned, or, we'll just put in just two web servers
06:31
that will have a pool of IP addresses. This time we'll say 174.16.100.12,
06:41
and that web server
06:44
has its own private IP address and is now assigned the 174.16.112 through the dynamic NAT. We have a, we have a pool of addresses, which we map to, and this helps with load balancing because it's done automatically, and our router may actually take and may distribute equally
07:02
between our routers,
07:03
requests from clients and network address translate those.
07:10
Now, we've talked about how we're very, very quickly running out of IP addresses, and for all intents and purposes, if we mapped every single device in the world that communicates over the Internet, if we mapped it a public IP address, we would have long since run out of public IP addresses.
07:28
So this is where overloading NAT comes into play. Overloading NAT provides us with port address translation, which we'll talk about more, which we'll talk about more in detail a little bit later. But we'll just quickly say that port address translation allows us to have multiple
07:46
private IP addresses mapped to a single public IP address. And so our router for our home may only have a single public IP address mapped to it. But then, as we're sending information to a router from 5, 10, however many different devices there are in our home,
08:07
those addresses will be mapped to a
08:09
public address using port address translation and sent over the Internet accordingly.
08:16
So we'll talk about port address translation a little bit more in a bit.