|
|
Importance of NAT
Originally thought as a solution to combat IPv4 depletion, NAT has found functions in security and administration. Dynamic NAT automatically sets up a firewall-style protection between the internal network and the outside networks or Internet. NAT only allows connections that originate from inside the stub domain. Essentially, this means that an internal client can connect to an outside FTP server, but an outside client can’t connect to an internal FTP server. It is still possible to make some internal services available to the outside world via Static NAT or inbound mapping, which maps certain TCP ports to specific internal addresses. On the administrative side, NAT can offer regulatory enforcement as well as network organization and expansion. Some NAT routers provide extensive filtering and traffic logging to enforce professional and ethical behavior. With inbound mapping, it is possible to move web services to a different computer without having to do any changes on external clients. Internal changes, such as removing a computer, can be made with relative ease since there is no one-to-one mapping of internal and external addresses. Network growth can be accommodated just as easily by increasing the range of unregistered IP addresses configured in a Dynamic Host Configuration Protocol (DHCP) server. NAT also works complementarily with IPsec (Internet Protocol Security) tunneling, giving network architecture flexibility in positioning VPN (Virtual Private Network) gateways. The IETF has also developed a standard called NAT Traversal, which encapsulates IPsec traffic via UDP (User Datagram Protocol), allowing NAT to make the necessary IP address and port changes. NAT Traversal also provides more options in network configurations. The popularity of NAT is increasing as rapidly as IPv4 depletion. |