Network Address Translation and IPv6

School of Computer Applications

Lovely Professional University
Public and Private IP Addresses
 Internet Assigned Numbers Authority (IANA) has assigned
several address ranges to be used by private networks.
 Address ranges to be use by private networks are:
 Class A: 10.0.0.0 to 10.255.255.255
 Class B: 172.16.0.0 to 172.31.255.255
 Class C: 192.168.0.0 to 192.168.255.255
 An IP address within these ranges is therefore considered non-
routable, as it is not unique.
 Any private network that needs to use IP addresses internally can
use any address within these ranges without any coordination
with IANA or an Internet registry.
 Addresses within this private address space are only unique
within a given private network.
 All addresses outside these ranges are considered public.
Network Address Translation (NAT)
Network Address Translation (NAT) is a process in which
one or more local IP address is translated into one or more
Global IP address and vice versa in order to provide Internet
access to the local hosts.
It also does the translation of port numbers i.e. masks the
port number of the host with another port number, in the
packet that will be routed to the destination.
It then makes the corresponding entries of IP address and
port number in the NAT table. NAT generally operates on a
router or firewall.
To access the Internet, one public IP address is needed, but
we can use a private IP address in our private network.
The idea of NAT is to allow multiple devices to access the
Internet through a single public address.
To achieve this, the translation of a private IP address to a
public IP address is required.
Working of NAT
Private Private External External Transport
Address Port Address Port Protocol
172.18.3.1 1400 25.8.3.2 80 TCP

172.18.3.2 1401 25.8.3.2 80 TCP

... ... ... ... ...

Generally, the border router is configured for NAT i.e the router
which has one interface in the local (inside) network and one
interface in the global (outside) network.
When a packet traverse outside the local (inside) network, then
NAT converts that local (private) IP address to a global (public)
IP address. When a packet enters the local network, the global
(public) IP address is converted to a local (private) IP address.
Inside refers to the addresses which must be translated.
Outside refers to the addresses which are not in control of an
organization. These are the network Addresses in which the
translation of the addresses will be done.
 Inside local address: An IP address that is assigned to a host on
the Inside (local) network. The address is probably not an IP
address assigned by the service provider i.e., these are private IP
addresses. This is the inside host seen from the inside network.
 Inside global address: IP address that represents one or more
inside local IP addresses to the outside world. This is the inside
host as seen from the outside network.
 Outside local address: This is the actual IP address of the
destination host in the local network after translation.
 Outside global address: This is the outside host as seen from the
outside network. It is the IP address of the outside destination host
before translation.
Network Address Translation Types
 Static NAT – In this, a single unregistered (Private) IP
address is mapped with a legally registered (Public) IP
address i.e one-to-one mapping between local and global
addresses. This is generally used for Web hosting. These
are not used in organizations as there are many devices
that will need Internet access and to provide Internet
access, a public IP address is needed.
 Suppose, if there are 3000 devices that need access to the
Internet, the organization has to buy 3000 public addresses that
will be very costly.
 Dynamic NAT – In this type of NAT, an unregistered IP address is
translated into a registered (Public) IP address from a pool of public IP
addresses. If the IP address of the pool is not free, then the packet will
be dropped as only a fixed number of private IP addresses can be
translated to public addresses.
 Suppose, if there is a pool of 2 public IP addresses then only 2 private IP
addresses can be translated at a given time. If 3rd private IP address wants
to access the Internet then the packet will be dropped therefore many
private IP addresses are mapped to a pool of public IP addresses. NAT is
used when the number of users who want to access the Internet is fixed.
This is also very costly as the organization has to buy many global IP
addresses to make a pool.
 Port Address Translation (PAT) – This is also known as NAT
overload. In this, many local (private) IP addresses can be translated to a
single registered IP address. Port numbers are used to distinguish the
traffic i.e., which traffic belongs to which IP address.
 This is most frequently used as it is cost-effective as thousands of users can
be connected to the Internet by using only one real global (public) IP
address.
Advantages of NAT
 NAT conserves legally registered IP addresses.
 It provides privacy as the device’s IP address, sending and
receiving the traffic, will be hidden.
 Eliminates address renumbering when a network evolves.

Disadvantage of NAT
 Translation results in switching path delays.
 Certain applications will not function while NAT is
enabled.
 Complicates tunneling protocols such as IPsec.
 Also, the router being a network layer device, should not
tamper with port numbers(transport layer) but it has to do
so because of NAT.
Internet Protocol Version 6 (IPv6)
 Internet Protocol version 6 (IPv6) is the latest revision of the Internet
Protocol (IP) and the first version of the protocol to be widely
deployed. IPv6 was developed by the Internet Engineering Task
Force (IETF) to deal with the long-anticipated problem of IPv4
address exhaustion.
 An IPv6 address is made of 128 bits divided into eight 16-bits blocks.
Each block is then converted into 4-digit Hexadecimal numbers
separated by colon symbols.
 For example, given below is a 128 bit IPv6 address represented in
binary format and divided into eight 16-bits blocks:
0010000000000001 0000000000000000 0011001000111000 1101111111100001
0000000001100011 0000000000000000 0000000000000000 1111111011111011
 Each block is then converted into Hexadecimal and separated by ‘:’
symbol:
2001:0000:3238:DFE1:0063:0000:0000:FEFB
Even after converting into Hexadecimal format, IPv6 address
remains long. IPv6 provides some rules to shorten the address.
The rules are as follows:
Rule.1: Discard leading Zero(es):
In Block 5, 0063, the leading two 0s can be omitted, such as (5th
block):
2001:0000:3238:DFE1:63:0000:0000:FEFB
Rule.2: If two of more blocks contain consecutive zeroes, omit
them all and replace with double colon sign ::, such as (6th and
7th block):
2001:0000:3238:DFE1:63::FEFB
Consecutive blocks of zeroes can be replaced only once by :: so
if there are still blocks of zeroes in the address, they can be
shrunk down to a single zero, such as (2nd block):
2001:0:3238:DFE1:63::FEFB