R3166-R3206-HP High-End Firewalls NAT and ALG Configuration Guide-6PW101

NAT configuration
Overview
Introduction to NAT
Network Address Translation (NAT) provides a way of translating the IP address in an IP packet header
to another IP address. In practice, NAT is primarily used to allow users with private IP addresses to
access public networks. With NAT, a smaller number of public IP addresses are used to meet public
network access requirements from a larger number of private hosts, and thus NAT effectively alleviates
the depletion of IP addresses.
NOTE:
A private IP address is used only in an internal network, whereas a public or external IP address is used
on the Internet and is globally unique.
According to RFC 1918, three blocks of IP addresses are reserved for private networks:
Class A: 10.0.0.0 through 10.255.255.255,
Class B: 172.16.0.0 through 172.31.255.255,
Class C: 192.168.0.0 through 192.168.255.255.
No host with an IP address in the above three ranges exists on the Internet. You can use those IP addresses
in an enterprise network freely without requesting them from an ISP or registration center.
Figure 1 depicts the operation of NAT.
Figure 1 NAT operation
A NAT gateway lies between the private network and the public network.
The internal host at 192.168.1.3 sends an IP packet (IP packet 1) to the external server at 10.1.1.2
through the NAT gateway.