Please Whitelist This Site? I know everyone hates ads. But please understand that I am providing premium content for free that takes hundreds of hours of time to research and write. I don't want to go to a pay-only model like some sites, but when more and more people block ads, I end up working for free. And I have a family to support, just like you. :) If you like The TCP/IP Guide, please consider the download version. It's priced very economically and you can read all of it in a convenient format without ads. If you want to use this site for free, I'd be grateful if you could add the site to the whitelist for Adblock. To do so, just open the Adblock menu and select "Disable on tcpipguide.com". Or go to the Tools menu and select "Adblock Plus Preferences...". Then click "Add Filter..." at the bottom, and add this string: "@@||tcpipguide.com^$document". Then just click OK. Thanks for your understanding! Sincerely, Charles Kozierok Author and Publisher, The TCP/IP Guide

NOTE: Using software to mass-download the site degrades the server and is prohibited. If you want to read The TCP/IP Guide offline, please consider licensing it. Thank you.

The TCP/IP Guide  9  TCP/IP Lower-Layer (Interface, Internet and Transport) Protocols (OSI Layers 2, 3 and 4)       9  TCP/IP Internet Layer (OSI Network Layer) Protocols            9  Internet Protocol (IP/IPv4, IPng/IPv6) and IP-Related Protocols (IP NAT, IPSec, Mobile IP)                 9  IP Network Address Translation (NAT) Protocol

IP NAT Overview, Motivation, Advantages and Disadvantages 1 2 3 IP NAT Static and Dynamic Address Mappings

Combining Inside/Outside and Local/Global Address Designations

This is a bit confusing, so I will try to explain further. The NAT translating router has the job of interfacing the inside network to the outside network (the Internet). Inside devices need to be able to talk to outside devices and vice-versa, but inside devices can only use addressing consistent with the local network addressing scheme. Similarly, outside devices cannot use local addressing. Thus, both inside and outside devices can be referred to with local or global address versions. This yields four different specific address types:

1. Inside Local Address: An address of a device on the local network, expressed using its normal local device representation. So for example, if we had a client on a network using the 10.0.0.0 private address block, and assigned it address 10.0.0.207, this would be its inside local address.
   
   
2. Inside Global Address: This is a global, publicly-routable IP address used to represent an inside device to the outside world. In a NAT configuration, inside global addresses are those “real” IP addresses assigned to an organization for use by the NAT router.

Let's say that device 10.0.0.207 wants to send an HTTP request to an Internet server located at address 204.51.16.12. It forms the datagram using 10.0.0.207 as the source address. However, if this datagram is sent out to the Internet as is, the server cannot reply back because 10.0.0.207 is not a publicly-routable IP address. So the NAT router will translate 10.0.0.207 in the datagram into one of the organization's registered IP addresses, say it's 194.54.21.10. This is the inside global address that corresponds to 10.0.0.207. It will be used as the destination when the server sends its HTTP response. Note that in some situations the inside local address and outside local address may be the same.

3. Outside Global Address: An address of an external (public Internet) device as it is referred to on the global Internet. This is basically a regular, publicly-registered address of a device on the Internet. In the example above, 204.51.16.12 is an outside global address of a public server.
   
   
4. Outside Local Address: An address of an external device as it is referred to by devices on the local network. In some situations, this may be identical to the outside global address of that outside device.

Phew, it's still confusing, isn't it? Let's try another way of looking at this. Of these four addresses, two types are the addresses as they are known “natively” by either an inside or outside device, while two are translated addresses:

• Inside Device Designations: For an inside device, the inside local address is its “normal” or “native” address. The inside global address is a translated address used to represent the inside device on the outside network, when necessary.
  
  
• Outside Device Designations: For an outside device, the outside global address is its “normal/native” address. The outside local address is a translated address used to represent the outside device on the inside network, when necessary.

So, what NAT does then is translate the identity of either inside or outside devices from local representations to global representations and vice-versa. Which addresses are changed, and how, depends on the specific type of NAT employed. For example, in traditional NAT, inside devices refer to outside devices using their proper (global) representation, so the outside global and outside local addresses of these outside devices are the same.

IP NAT Overview, Motivation, Advantages and Disadvantages 1 2 3 IP NAT Static and Dynamic Address Mappings