Characteristics of NAT
for access to specific records would not function. Functionality could be restored,
however, by using statically mapped translations, but again the dynamic functionality of
NAT would be lost.
Another reason that a specific source port or source address may not function in a NAT environment is that some applications embed IP address information at the application layer, in addition to the IP packet addressing. When this happens, NAT cannot identify the mismatch between the addressing in the IP packet and the addressing carried at the application layer. Oracle and other relational databases are common examples of applications that embed IP address information.
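The mismatch described above, as an added example that is not from the original text: a header-only translation modeled in Python, with a check that reports addresses still carried in the payload. The `Packet` type, the function names and the `CALLBACK host=` payload are hypothetical and constructed for illustration; no real database wire format is implied.

```python
import ipaddress
import re
from dataclasses import dataclass, replace

# Dotted-quad candidates in raw payload bytes; each is validated below.
IPV4_RE = re.compile(rb"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")


@dataclass(frozen=True)
class Packet:
    src: str        # source address in the IP header
    dst: str        # destination address in the IP header
    payload: bytes  # application-layer data


def nat_translate(pkt, table):
    """Model header-only NAT: rewrite the source, leave the payload as-is."""
    return replace(pkt, src=table.get(pkt.src, pkt.src))


def embedded_mismatches(pkt):
    """Return (address, is_private) for payload addresses that match
    neither header address, i.e. addresses NAT did not translate."""
    found = []
    for m in IPV4_RE.finditer(pkt.payload):
        try:
            addr = ipaddress.IPv4Address(m.group(1).decode())
        except ValueError:
            continue  # not a valid address, e.g. 999.1.1.1
        if str(addr) not in (pkt.src, pkt.dst):
            found.append((str(addr), addr.is_private))
    return found


def demo():
    # Constructed sample: an inside host tells the server where to reach it.
    inside = Packet("10.1.1.5", "203.0.113.10",
                    b"CALLBACK host=10.1.1.5 port=5000\r\n")
    outside = nat_translate(inside, {"10.1.1.5": "198.51.100.7"})
    return embedded_mismatches(inside), embedded_mismatches(outside)


if __name__ == "__main__":
    before, after = demo()
    print("before NAT:", before)
    print("after NAT: ", after)
```

A private address reported after translation is one the outside peer cannot reach, which is the failure the paragraph describes; the same check also shows where inside addressing leaks past the NAT boundary.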
NAT conserves legal addresses, reduces overlap dysfunctionality, increases Internet flexibility,
and eliminates network renumbering in a changed environment, as described in the following
list:
· Conservation--Legally registered addresses can be conserved using the private address space and NAT to gain access to the Internet.
· Overlap dysfunction--In an overlapped network situation, NAT can enable immediate connectivity without renumbering. When two companies have merged and both use the same private address space, overlap dysfunction can be temporarily alleviated with NAT. The key word here is temporary: this solution is not a design example but a Band-Aid for a quick resolution of the problem. In addition, a service provider with connectivity to multiple clients that have elected to use the same private address space may need to allow connections to all of them.
· Flexibility--Connecting to an Internet provider or changing providers can be accomplished with only minor changes to the NAT configuration. Becoming disgruntled or unenamored with an ISP is not uncommon. With NAT, changing ISPs is simply a matter of changing the pool of addresses that have been assigned. Because the NAT function occurs at the edge of the network, the router is the only device that requires reconfiguration. If the customer instead accepts a nonprivate block of addresses from a provider and uses these on the inside network, changing ISPs would require renumbering the entire network.
· Eliminated renumbering--As network changes are made, the cost of immediate renumbering can be eliminated by using NAT to allow the existing address scheme to remain. The renumbering effort can be gradually implemented or relegated to a DHCP server in an incremental fashion rather than all at once.