
Features of Network Address Translation (NAT)

Network address translation (NAT) is a method of remapping one IP address space into another by modifying the network address information in Internet Protocol (IP) packet headers while the packets are in transit across a traffic routing device. The technique was originally used to make it easier to reroute traffic in IP networks without readdressing every host. In more advanced NAT implementations featuring IP masquerading, it has become a popular and essential tool for conserving global address space allocations in the face of IPv4 address exhaustion, because an entire private network can share the one Internet-routable IP address of a NAT gateway. IP masquerading is a technique that hides an entire IP address space, usually consisting of private IP addresses, behind a single IP address in another, usually public, address space. The address to be hidden is replaced with a single (public) IP address as the "new" source address of the outgoing IP packet, so the packet appears to originate not from the hidden host but from the routing device itself. Because of the popularity of this technique for conserving IPv4 address space, the term NAT has become virtually synonymous with IP masquerading.

The network address translation feature of NAT secures the private network by hiding the private network addresses from Internet-based users.

Internet hosts cannot directly connect to machines that use private IP addresses; Internet routers do not recognize private network IDs as valid, and therefore drop requests for destination hosts located on private networks.

Network address translation allows one or more public addresses to be translated to the private Internet Protocol (IP) addressing scheme within the private network.

The NAT server should have a single network card connected to a single internal, private network, and may have multiple network cards connected to public networks. You may also bind multiple public IP addresses to a single network card connected to the public network.

Network address translation is inherent in NAT and necessitates the use of private addressing on internal network clients that access the Internet via the NAT server. Internal network clients that use public IP addresses cannot use NAT.

When a public address exists for each computer on the private network, use IP routing as provided in Routing and Remote Access. Internal hosts with public IP addresses can make requests to Internet servers directly, and have their requests routed, rather than translated by the RRAS Server.

The automatic IP-address assignment feature of NAT supplies the IP configuration to client computers on the private network. This "mini" DHCP server, or DHCP Allocator, eliminates the need for a separate DHCP server. It can configure any DHCP client computer.

The name resolution feature of NAT uses DNS proxies to forward requests for name resolution. The DNS proxy forwards the name resolution requests to the DNS server. When the DNS server replies, that information is returned to the NAT client, and the NAT client then sends its request to the NAT server using the resolved IP address.

The NAT server sends client requests to the appropriate DNS servers on the private network or across the Internet, depending on how you have configured the NAT server.

If you want resources hosted on the internal network to be available to Internet users, you can configure a specific port that forwards requests from Internet-based hosts to those resources on your internal network.

Finally, the NAT server forwards requests from Internet-based users to the computers on the private network that manage a resource such as the internal web or FTP server.
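
The translation and port-forwarding behaviour described above can be modelled as a small lookup table. The following Python sketch is an added example, not code from RRAS or any NAT product; the class `NatGateway`, its method names, the starting port 50000, and all addresses are constructed for illustration, and it does not model protocols, session timeouts, or port exhaustion.

```python
import ipaddress

# RFC 1918 private ranges, the addresses Internet routers will not route.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

class NatGateway:
    """Simplified model of IP masquerading plus static port forwards."""

    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}       # (private_ip, private_port) -> public_port
        self.back = {}      # public_port -> (private_ip, private_port)
        self.forwards = {}  # public_port -> (private_ip, private_port)

    def add_forward(self, public_port, private_ip, private_port):
        """Publish one internal service on one public port."""
        self.forwards[public_port] = (private_ip, private_port)

    def outbound(self, src_ip, src_port):
        """Return the (ip, port) Internet hosts see as the packet's source."""
        if not is_rfc1918(src_ip):
            raise ValueError("public source address: route it, do not translate")
        key = (src_ip, src_port)
        if key not in self.out:
            while self.next_port in self.forwards or self.next_port in self.back:
                self.next_port += 1
            self.out[key] = self.next_port
            self.back[self.next_port] = key
        return (self.public_ip, self.out[key])

    def inbound(self, dst_port):
        """Return the private (ip, port) to deliver to, or None to drop."""
        if dst_port in self.back:           # reply to a translated session
            return self.back[dst_port]
        return self.forwards.get(dst_port)  # published service, else drop

def demo():
    # Constructed addresses: 203.0.113.10 is a documentation-range stand-in.
    gw = NatGateway("203.0.113.10")
    gw.add_forward(80, "192.168.0.20", 8080)
    a = gw.outbound("192.168.0.11", 40001)
    b = gw.outbound("192.168.0.12", 40001)
    return a, b, gw.inbound(a[1]), gw.inbound(80), gw.inbound(3389)
```

In `demo()`, two clients using the same private source port leave with the same public address but different public ports, and an inbound packet to a port with no table entry returns `None` (dropped). Each entry added with `add_forward` is a deliberately exposed path to an internal host, so the published service needs its own hardening and monitoring.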