Specifications
NAT Overview
September 08, 2010 Page 7 of 18
Client1 Walkthrough:
ApacketarrivesattheNATrouterfromClient1withasourceaddressof10.1.1.1:125,butleaves
theNATrouterwithasourceaddressof200.1.1.1:1024.Inbothcasesthedestinationisfor
Server1’sIPaddressof200.1.1.50:80.FromServer1’spointofview,Client1’sIPaddressis
200.1.1.1:1024.Server1doesn’tknow
anythingaboutitsactualIPaddressof10.1.1.1:125.
WhenServer1respondstoClient1,itspacketarrivesattheNATrouterwithClient1’stranslated
addressof200.1.1.1:1024asthedestinationaddress,butleavestheNATrouterwithClient1’s
actualaddressof10.1.1.1:125asthedestinationaddress.Server1’sresponseisdeliveredto
IP
address10.1.1.1:125.
Figure 4 Basic NAPT Dynamic Inside Address Translation
Client2 Walkthrough:
ApacketarrivesattheNATrouterfromClient2withasourceaddressof10.1.1.2:125,butleaves
theNATrouterwithasourceaddressof200.1.1.1:1025.Inbothcasesthedestinationisfor
Server1’sIPaddressof200.1.1.50:80.FromServer1’spointofview,Client2’sIPaddressis
200.1.1.1:1025.Server1doesn’tknow
anythingaboutitsactualIPaddressof10.1.1.2:125.
WhenServer1respondstoClient2,itspacketarrivesattheNATrouterwithClient2’stranslated
addressof200.1.1.1:1025asthedestinationaddress,butleavestheNATrouterwithClient1’s
actualaddressof10.1.1.2:125asthedestinationaddress.Server1’sresponseisdeliveredto
IP
address10.1.1.2:125.
Server1
200.1.1.50
NAT
ROUTER
DA: 200.1.1.50:80
SA: 200.1.1.1:1024
DA: 200.1.1.1:1024
SA: 200.1.1.50:80
DA: 200.1.1.50:80
SA: 10.1.1.1:125
DA: 10.1.1.1:125
SA: 200.1.1.50:80
Client2
10.1.1.2
DA: 200.1.1.50:80
SA: 200.1.1.1:1025
External
Public
Network
Internal
Private
Network
DA: 200.1.1.1:1025
SA: 200.1.1.50:80
DA: 200.1.1.50:80
SA: 10.1.1.2:125
DA: 10.1.1.2:125
SA: 200.1.1.50:80
Client1
10.1.1.1