NAT - inside global address

http://packetlife.net/blog/2010/jan/7/understanding-nat-address-types/ Let's say I have a bunch of hosts connected to a typical router (which is in fact a switch + router) that has a public global IP assigned by my ISP. The hosts use private IPs that are non-routable addresses, and need to be translated using NAT to the public one so that it can talk with the rest of Internet. Now, my router is connected to a network of my ISP. It has some IP address in that network, but that address is different than what my public IP address is, right? - it follows from the article linked above: by this command:

ip nat inside source static 192.168.0.10 192.0.2.10
  1. Translating private IP of my host to the public IP of my router with a special port number (that allows the inverse translation back to my private IP to happen when the other host sends a reply).
  2. Translating private IP of my host to a public IP that's different from the public IP of my router. The problem is - how does my NAT router know that his public address used for translation isn't already used by some other host on the Internet?

Do these two methods have different names?

user4205580 asked Dec 6, 2015 at 12:05 user4205580 user4205580 455 3 3 silver badges 10 10 bronze badges

Hi, there are actually 4 types of translations that exist. They all go by different names, but I outline them each here.

Commented Jun 6, 2019 at 17:40

Did any answer help you? if so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you could post and accept your own answer.

Commented Jan 5, 2021 at 22:47

3 Answers 3

The two kinds of NAT your question is referring to can be categorized as destination NAT, and source NAT.

Destination NAT will typically change a connection to your router from the ISP direction to a destination target that's inside your network. It's also commonly referred to as port forwarding. This lets you expose a service that would normally be inaccessible inside your private network.

Source NAT will change a connection through your router from your local network to a source target that is the router itself, allowing multiple hosts to use a single public address.

NAT can perform other translations, but few others are useful except in niche cases. Despite the phrasing in your question, a source NAT that you describe is not helpful. Using a global address that is not functional on the router will have no good effect. No other device or protocol would keep track of that, so all replies will be forwarded to the device that should have that IP, which would know nothing about your setup and promptly drop them. If you want to use a different IP, get it set up and functional on the router first.