NAT
Summary
| Direction | Modified field | Where in Datagram | Change | Checksum recomputed |
|---|---|---|---|---|
| LAN -> Internet | Source IP | IP header | Private -> Public IP | IP checksum |
| LAN -> Internet | Source Port | TCP/UDP header | New unique port assigned | TCP/UDP checksum |
| Internet -> LAN | Destination IP | IP header | Public -> Private IP | IP checksum |
| Internet -> LAN | Destination Port | TCP/UDP header | Mapped back to internal port | TCP/UDP checksum |
Concept
Network address translation (NAT)
- router that sits in between the internet and the LAN
- aggregates a subnet to one public facing IP address
IP address shortage
- public IP addresses - need to be globally unique
- private IP addresses - not unique, only routable internally
NAT router
- maps WAN side port number to LAN side private IP and port number
- 16-bit port number
- change ISP by just changing the public IP
- network isolation - LAN hosts cannot be explicitly addressed from the outside
- modifications to packets:
  - IP - recompute IP datagram header checksum
  - port - recompute transport layer checksum
NAT translation table
| Public IP & New Port | Private IP & Internal Port |
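The translation table and the two rewrites from the summary, as an added example that is not part of the original notes: a small Python model of a NAT router for IPv4/UDP. It assumes a 20-byte IP header with no options and rebuilds headers rather than patching them in place; the names `Nat`, `build`, `parse`, `checksums_ok` and the starting port 40000 are made up for illustration.

```python
import struct
from ipaddress import IPv4Address as IP

def csum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    data += b"\x00" * (len(data) % 2)
    s = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def pseudo(pkt: bytes) -> bytes:   # UDP pseudo-header: src IP, dst IP, 0, proto, length
    return pkt[12:20] + struct.pack("!BBH", 0, 17, len(pkt) - 20)

def build(src, sport, dst, dport, payload: bytes) -> bytes:
    """IPv4 (20-byte header, no options) + UDP, both checksums computed."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(payload), 0, 0, 64, 17,
                     0, IP(src).packed, IP(dst).packed)
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ucs = csum(pseudo(ip + udp) + udp) or 0xFFFF   # 0 would mean "no checksum"
    return (ip[:10] + struct.pack("!H", csum(ip)) + ip[12:]
            + udp[:6] + struct.pack("!H", ucs) + udp[8:])

def parse(pkt: bytes):
    sport, dport = struct.unpack("!HH", pkt[20:24])
    return str(IP(pkt[12:16])), sport, str(IP(pkt[16:20])), dport, pkt[28:]

def checksums_ok(pkt: bytes) -> bool:   # summing over a valid checksum yields 0
    return csum(pkt[:20]) == 0 and csum(pseudo(pkt) + pkt[20:]) == 0

class Nat:
    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip, self.next_port = public_ip, first_port
        self.table = {}   # public port -> (private IP, internal port)

    def outbound(self, pkt: bytes) -> bytes:
        src, sport, dst, dport, data = parse(pkt)
        port = next((p for p, v in self.table.items() if v == (src, sport)), None)
        if port is None:
            if self.next_port > 0xFFFF:   # ports are 16 bits
                raise RuntimeError("NAT port space exhausted")
            port, self.next_port = self.next_port, self.next_port + 1
            self.table[port] = (src, sport)
        return build(self.public_ip, port, dst, dport, data)

    def inbound(self, pkt: bytes):
        src, sport, dst, dport, data = parse(pkt)
        if dst != self.public_ip or dport not in self.table:
            return None   # no mapping: LAN host is not addressable from outside
        return build(src, sport, *self.table[dport], data)
```

The UDP checksum also covers a pseudo-header containing both IP addresses, so `build` recomputes it even when only an address changes. With constructed addresses, `Nat("203.0.113.5").outbound(build("192.168.1.10", 5000, "198.51.100.7", 53, b"query"))` leaves the router with source `203.0.113.5:40000`, and a later inbound packet to a public port with no table entry returns `None`.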