Tuesday, July 31, 2012

NAT (Network Address Translation) Router, How does it work?


NAT (Network Address Translation) is the process by which devices on a private network reach devices on the Internet and receive their responses. In the usual scenario a household has a single public address, and that address is shared by multiple internal (private) devices. Without NAT, only one internal device could access the Internet. NAT is also needed because it acts as a gateway between the private network (for example 192.168.x.x) and the public network (for example 203.246.x.x). By default, and in the real world, private devices are not directly reachable from the public network; they have to be reached through the NAT router.

The process by which a private device is able to access the Internet is as follows:
1. The local machine attempts to access www.google.com (74.125.229.34).
2. The NAT router creates a new entry in its lookup table, associated with the local machine's private network address and its internal source port.
3. The NAT router rewrites the machine's source IP address to the NAT's public IP, opens up a new source port, and rewrites the original source port number with the new one.
4. The new combination of public IP and new source port number is recorded alongside the private source IP and original port number in the lookup table.
5. The NAT router also adjusts the checksums so that they reflect the changes that were made.
6. The packet is forwarded to www.google.com (74.125.229.34).

When the response is received, the NAT router checks its lookup table for an entry whose public source port matches the destination port of the inbound packet and whose destination IP matches the source IP of the inbound packet. Once the entry is found, the NAT router rewrites the IP header of the inbound packet according to the lookup table and forwards it to the correct private machine.
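The outbound and inbound steps above, as an added example that is not part of the original post: a small Python model of a port-translating NAT router. The public IP, the private hosts and the port range are constructed values; the table is keyed on (public source port, remote IP), which is exactly the match the inbound check describes, so a packet from a different remote host to an allocated port finds no entry and is dropped.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    # Only the four header fields that NAT rewrites or looks up (constructed model)
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class NatRouter:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port          # next unused public source port
        # lookup table, keyed the way the inbound check uses it:
        # (public source port, remote IP) -> (private IP, private source port)
        self.table = {}
        # reverse map so later packets of the same flow reuse their public port
        self.allocated = {}                  # (private IP, private port, remote IP) -> public port

    def outbound(self, pkt):
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip)
        pub_port = self.allocated.get(flow)
        if pub_port is None:                 # steps 2-4: allocate a port, record the entry
            pub_port = self.next_port
            self.next_port += 1
            self.allocated[flow] = pub_port
            self.table[(pub_port, pkt.dst_ip)] = (pkt.src_ip, pkt.src_port)
        # step 3: source IP and port are rewritten, destination is left untouched
        return Packet(self.public_ip, pub_port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        # Returns the rewritten packet, or None when no entry matches (packet dropped)
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self.table.get((pkt.dst_port, pkt.src_ip))
        if entry is None:
            return None                      # unsolicited inbound traffic has no mapping
        priv_ip, priv_port = entry
        return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port)

def demo():
    # Two private hosts using the same local port 5000 both talk to the same server
    nat = NatRouter("203.246.10.1")
    a = nat.outbound(Packet("192.168.1.10", 5000, "74.125.229.34", 80))
    b = nat.outbound(Packet("192.168.1.11", 5000, "74.125.229.34", 80))
    reply_b = nat.inbound(Packet("74.125.229.34", 80, "203.246.10.1", b.src_port))
    stray = nat.inbound(Packet("198.51.100.7", 80, "203.246.10.1", a.src_port))
    return a, b, reply_b, stray
```

Real routers differ in how strictly they key the table and also expire idle entries, both of which this model leaves out.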

This process repeats in the same manner, no matter how many devices are on the private network.