What is Network Address Translation?
Network address translation (NAT) is a dynamic method of consolidation that systems use to minimize their Internet connectivity needs. Specifically, network address translation is the rewriting of the Internet Protocol (IP) addresses of data packets so that multiple transmissions require only one IP address. The rewriting takes place on a private network, as the data passes through a network or a network firewall. In addition to firewalls, companies also use routers or even computers to perform network address translation.
Network address translation commonly takes one of four forms: Static NAT, Dynamic NAT, Overloading, or Overlapping. Static NAT translates one unregistered IP address to one registered address. Dynamic NAT translates one unregistered IP address to an address chosen from a group of registered addresses. Overloading is a form of Dynamic NAT that translates a series of unregistered addresses to a single registered one. Overlapping translates multiple addresses from one network to another. Each method is used according to the specific needs of the company at hand.
One of the main reasons for using network address translation is the conservation of IP addresses. Many industry experts think that the explosion in demand for IP addresses will result in a global shortage, caused by the exhaustion of all the available combinations of numbers in the 32-bit IPv4 standard that dominates the Internet today. One method of addressing this concern has been the creation of IPv6, which uses 128 bits and offers vastly more possibilities for IP addresses. The creation of IPv6 doesn't really address the shortage problem, however. Network address translation does, by not creating new IP addresses when they aren't needed.
One drawback of network address translation is that it doesn't allow for a true connection from start to finish. In other words, if a connection originates from outside the network, then the network address translation protocols can't guarantee that the data will remain intact all the way through the process. The mitigating factor here is that the original IP address wasn't one associated with the network to begin with.
On the other hand, this mitigating factor can also be a benefit. If network address translation won't allow wire-to-wire data transfer from a source outside the network, then it serves as a barrier to data streams with malicious intent. That kind of functionality can act as a security service that keeps out viruses, worms, and other dangers.
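The Overloading form and the inbound barrier described above can be seen together in a small model. This is an added Python example, not part of the original article: the class name, the starting port, and the strict filtering by remote address and port are assumptions (real devices vary in how strictly they filter), and all addresses are constructed samples.

```python
# Added illustration (not from the article): toy "overloading" NAT.
# All addresses are constructed samples; names and port range are assumptions.
from itertools import count


class OverloadNat:
    """Many unregistered (private) addresses share one registered address."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = count(first_port)
        self.out_map = {}  # (private_ip, private_port) -> public_port
        self.in_map = {}   # public_port -> (private_ip, private_port, remotes)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the private network."""
        key = (src_ip, src_port)
        if key not in self.out_map:
            port = next(self._ports)
            self.out_map[key] = port
            self.in_map[port] = (src_ip, src_port, set())
        port = self.out_map[key]
        self.in_map[port][2].add((dst_ip, dst_port))  # remember who was contacted
        return (self.public_ip, port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Rewrite a packet arriving at the public address, or return None (drop)."""
        entry = self.in_map.get(dst_port)
        if entry is None:
            return None  # no mapping: nothing inside asked for this traffic
        private_ip, private_port, remotes = entry
        if (src_ip, src_port) not in remotes:
            return None  # assumption: strict filtering by remote address and port
        return (src_ip, src_port, private_ip, private_port)


def demo():
    nat = OverloadNat("203.0.113.10")
    a = nat.outbound("192.168.1.20", 51000, "198.51.100.5", 443)
    b = nat.outbound("192.168.1.21", 51000, "198.51.100.5", 443)
    reply = nat.inbound("198.51.100.5", 443, a[1])      # answer to host A
    stray = nat.inbound("198.51.100.99", 4444, a[1])    # never contacted
    unmapped = nat.inbound("198.51.100.5", 443, 12345)  # no such mapping
    return a, b, reply, stray, unmapped


if __name__ == "__main__":
    for row in demo():
        print(row)
```

Two inside hosts that use the same source port receive different public ports on the single registered address, and both inbound packets that match no mapping are dropped.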