As discussed before, That NAT translates Private IP addresses into public IP addresses. So in the process of translation, there are different operations involve and understanding each of them requires understanding NAT terminology. Therefore before understanding NAT in details, it is important to understand basic NAT terminology. In a NAT terminology, the inside network is the set of networks that is subject to translation and the outside network refers to all other networks.
In the NAT, IPv4 addresses have assigned different designations based on the network e.g. private network, or the public network and also on the bases of incoming or outgoing traffic. The NAT has four types of addresses:
- Inside local address
- Inside global address
- Outside local address
- Outside global address
It is important to recall that NAT terminology is always applied from the viewpoint of the device with the translated address when determining the type of address. NAT also uses the perception of local or global concerning addresses
- Inside address– The address of the device which is needed to be translated with NAT.
- Outside address– This is the address of the destination device.
- Local address– Any address that appears on the inside portion of the network.
- Global address– Any address that appears on the outside portion of the network.
Let’s understand the above terms with an example. For example when a user browsing a website from his computer. The network which connects him with the internet is considered as a local network for him and the network which connects the webserver where the website is located with the internet is considered as a local network for a webserver. The network which connects both networks on the internet is considered as a global network.
Inside and outside in the NAT depend on the direction of the data. For example in the below topology for PC-1, router R1 is inside and router R2 is outside as illustrated in the first image below. If we change the direction of data as illustrated in the second image. The router R2 is inside for the server and R1 is outside for the server.
The interface of the router which is connected with the local network will be configured with an inside local IP address and the interface connected with the global network will be configured with an inside global IP address.
Now, look at the below topology where we have to expend the above topology and assign an IP address to the devices. PC1 has an inside local address of 192.168.1.100 and inside global address 184.108.40.206 has assigned to R1 outside interface. From the side of PC1, the webserver has an outside address of 220.127.116.11. When PC-1 sending packets to the global address of the webserver, the inside local address 192.168.1.100 of PC1 is translated to the inside global address of 18.104.22.168.
The R1 is configured as NAT router and working as the demarcation point between the inside and outside networks and as between local and global addresses.
The term inside and outside is combined with the terms local and global for specific addresses. In the above topology the, router R1 has been configured to provide NAT.
- Inside local address– In the above topology, the IP address 192.168.1.100 is assigned to PC-1. This is the inside local address of PC1.
- Inside global address– When traffic is sending from PC1 to the webserver. The R1 translates the inside local address 192.168.1.100 to an inside global addresses 22.214.171.124. In the terminology of NAT, the inside local address is translated to the inside global address.
- Outside global address– The outside global address is usually a Public IPv4 address assigned to a host on the Internet. For example, the webserver is reachable at IPv4 address 126.96.36.199. Most often the outside local and outside global addresses are the same.
- Outside local address– The address of the destination as seen from the inside network. In this example, PC1 sends traffic to the webserver at the IPv4 address 188.8.131.52.
When PC-1 sending traffic to a web server. Its web server also returns traffic is initially addressed and translated. The figure below illustrates the return traffic.