338 Chapter 11: Scaling IP Addresses with NAT
Simple NAT Translation
NAT translation (in its original form) replaced the private source IP address with a publicly legitimate
address. The replacement address came from a pool of addresses defined on the NAT device, and
these replacement addresses were, of course, valid in the public Internet address space. NAT is an
application layer process that inserts the legitimate address into the packet header and maintains a
table of translated addresses, as shown in Figure 11-3.
Figure 11-3 NAT in Operation
Overloading
Overloading uses the source port to further distinguish which sending station transmitted a given
packet. In this fashion, a single legitimate IP address can be shared by many senders. The source port
is a number greater than 1024 and is a software-addressable port at the transport layer. The first
1024 port numbers are well-known ports, which are assigned by RFC 1400.
The terms socket and port are often used interchangeably. This is incorrect. A socket is the
IPaddress:Portnumber pair that is unique to one IP-addressable device. The port refers to a
numbered entity that is addressable by software. For example, every device has a port number
of 23 for Telnet (regardless of whether it is in use). In contrast, only one device has the socket
122.5.7.8:23. In other words, the socket refers to a specific location on the network, whereas
a port is simply a reference point that could exist on any device.
[Figure 11-3, NAT in Operation: the source station 10.1.1.1 Telnets to the public address 155.6.7.8. The NAT application, which holds the address range 133.4.4.1 through 133.4.4.254, translates at the application layer (above the Presentation, Session, Transport, Network, Data link and Physical layers): the packet leaves the station with SA=10.1.1.1 and is forwarded toward the Telnet server at 155.6.7.8 with SA=133.4.4.1, and the translation table records the entry 10.1.1.1 -> 133.4.4.1.]
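The two translation styles described above (the pool-based Simple NAT of Figure 11-3 and Overloading, where the translation table is keyed by the inside socket rather than the inside address alone) can be seen side by side in the following simulation. This is an added example, not code from the book: the inside address 10.1.1.1, the pool 133.4.4.1 through 133.4.4.254 and the Telnet server 155.6.7.8 are taken from Figure 11-3, while the port numbers and the second inside host 10.1.1.2 are constructed for illustration. The `Packet`, `SimpleNAT` and `OverloadNAT` names are assumptions of this example.

```python
"""Simulation of a NAT device's translation tables (added example, not the book's code).

SimpleNAT   : one inside address -> one public address drawn from a pool.
OverloadNAT : many inside sockets -> one public address, distinguished by port.
Addresses from Figure 11-3; port numbers and host 10.1.1.2 are constructed.
"""
from dataclasses import dataclass
import ipaddress

EPHEMERAL_START = 1024  # first port above the well-known range, as the text states


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class SimpleNAT:
    """Pool-based NAT: each inside host consumes one public address for its lifetime."""

    def __init__(self, pool_first: str, pool_last: str):
        first = int(ipaddress.IPv4Address(pool_first))
        last = int(ipaddress.IPv4Address(pool_last))
        self.free = [str(ipaddress.IPv4Address(i)) for i in range(first, last + 1)]
        self.table = {}    # inside IP  -> public IP (what Figure 11-3 shows)
        self.reverse = {}  # public IP  -> inside IP, used for replies

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite the source address of a packet leaving the private network."""
        if pkt.src_ip not in self.table:
            if not self.free:
                raise RuntimeError("NAT pool exhausted")  # the pool limits concurrent hosts
            public = self.free.pop(0)
            self.table[pkt.src_ip] = public
            self.reverse[public] = pkt.src_ip
        return Packet(self.table[pkt.src_ip], pkt.src_port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Packet:
        """Rewrite the destination of a reply; KeyError means no entry, i.e. drop."""
        inside = self.reverse[pkt.dst_ip]
        return Packet(pkt.src_ip, pkt.src_port, inside, pkt.dst_port)


class OverloadNAT:
    """Overloading (PAT): one public address, entries keyed by the inside socket."""

    def __init__(self, public_ip: str):
        self.public_ip = public_ip
        self.next_port = EPHEMERAL_START
        self.table = {}    # (inside IP, inside port) -> public port
        self.reverse = {}  # public port -> (inside IP, inside port)

    def outbound(self, pkt: Packet) -> Packet:
        key = (pkt.src_ip, pkt.src_port)  # the socket, not just the address
        if key not in self.table:
            if self.next_port > 65535:
                raise RuntimeError("public port space exhausted")
            public_port = self.next_port
            self.next_port += 1
            self.table[key] = public_port
            self.reverse[public_port] = key
        return Packet(self.public_ip, self.table[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Packet:
        """The reply's destination port selects the inside socket to restore."""
        inside_ip, inside_port = self.reverse[pkt.dst_port]
        return Packet(pkt.src_ip, pkt.src_port, inside_ip, inside_port)


def demo():
    """Run both translators against the Figure 11-3 scenario and return the packets."""
    server = ("155.6.7.8", 23)
    simple = SimpleNAT("133.4.4.1", "133.4.4.254")
    out1 = simple.outbound(Packet("10.1.1.1", 1025, *server))
    out2 = simple.outbound(Packet("10.1.1.2", 1025, *server))  # second pool address
    reply = simple.inbound(Packet("155.6.7.8", 23, out1.src_ip, out1.src_port))

    pat = OverloadNAT("133.4.4.1")
    p1 = pat.outbound(Packet("10.1.1.1", 1025, *server))
    p2 = pat.outbound(Packet("10.1.1.2", 1025, *server))  # same inside port, new public port
    r2 = pat.inbound(Packet("155.6.7.8", 23, p2.src_ip, p2.src_port))
    return out1, out2, reply, p1, p2, r2


if __name__ == "__main__":
    for pkt in demo():
        print(pkt)
```

The point of the side-by-side is the second host: under Simple NAT it costs a second public address from the pool, whereas under Overloading both hosts leave with the same public address and differ only in the translated source port, which is exactly what the reply uses to find its way back to the right inside socket.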