Chapter 9 Network Address Translation (NAT)
P-660HN-TxA User’s Guide
9.6 NAT Technical Reference
This chapter contains more information regarding NAT.
9.6.1 NAT Definitions
Inside/outside denotes where a host is located relative to the ZyXEL Device. For
example, the computers of your subscribers are the inside hosts, while the web
servers on the Internet are the outside hosts.
Global/local denotes the IP address of a host in a packet as the packet traverses a
router. For example, the local address refers to the IP address of a host when the
packet is in the local network, while the global address refers to the IP address of
the host when the same packet is traveling on the WAN side.
Note that inside/outside refers to the location of a host, while global/local refers to
the IP address of a host used in a packet. Thus, an inside local address (ILA) is the
IP address of an inside host in a packet when the packet is still in the local
network, while an inside global address (IGA) is the IP address of the same inside
host when the packet is on the WAN side. The following table summarizes this
information.

Table 47 NAT Definitions
ITEM      DESCRIPTION
Inside    This refers to the host on the LAN.
Outside   This refers to the host on the WAN.
Local     This refers to the packet address (source or destination) as the packet travels on the LAN.
Global    This refers to the packet address (source or destination) as the packet travels on the WAN.

NAT never changes the IP address (either local or global) of an outside host.
9.6.2 What NAT Does
In the simplest form, NAT changes the source IP address in a packet received from
a subscriber (the inside local address) to another (the inside global address)
before forwarding the packet to the WAN side. When the response comes back,
NAT translates the destination address (the inside global address) back to the
inside local address before forwarding it to the original inside host. Note that the
IP address (either local or global) of an outside host is never changed.
The global IP addresses for the inside hosts can be either static or dynamically
assigned by the ISP. In addition, you can designate servers, for example, a web
server and a telnet server, on your local network and make them accessible to the
outside world. If you do not define any servers (for Many-to-One and Many-to-Many
Overload mapping – see Table 48), NAT offers the additional
benefit of firewall protection. With no servers defined, your ZyXEL Device filters
out all incoming inquiries, thus preventing intruders from probing your network.
For more information on IP address translation, refer to RFC 1631, The IP Network
Address Translator (NAT).
9.6.3 How NAT Works
Each packet has two addresses – a source address and a destination address. For
outgoing packets, the ILA (Inside Local Address) is the source address on the LAN,
and the IGA (Inside Global Address) is the source address on the WAN. For
incoming packets, the ILA is the destination address on the LAN, and the IGA is
the destination address on the WAN. NAT maps private (local) IP addresses to
globally unique ones required for communication with hosts on other networks. It
replaces the original IP source address (and TCP or UDP source port numbers for
Many-to-One and Many-to-Many Overload NAT mapping) in each packet and then
forwards it to the Internet. The ZyXEL Device keeps track of the original addresses
and port numbers so incoming reply packets can have their original values
restored. The following figure illustrates this.
Figure 71 How NAT Works
[Figure not reproduced. Inside hosts 192.168.1.10 to 192.168.1.13 are on the LAN. A packet with source address (SA) 192.168.1.10 on the LAN (inside local address, ILA) carries SA IGA1 on the WAN (inside global address, IGA). The NAT table shown in the figure:]

Inside Local IP Address    Inside Global IP Address
192.168.1.10               IGA 1
192.168.1.11               IGA 2
192.168.1.12               IGA 3
192.168.1.13               IGA 4
9.6.4 NAT Application
The following figure illustrates a possible NAT application, where three inside LANs
(logical LANs using IP alias) behind the ZyXEL Device can communicate with three
distinct WAN networks.
Figure 72 NAT Application With IP Alias
9.6.5 NAT Mapping Types
NAT supports five types of IP/port mapping. They are:
- One to One: In One-to-One mode, the ZyXEL Device maps one local IP address
  to one global IP address.
- Many to One: In Many-to-One mode, the ZyXEL Device maps multiple local IP
  addresses to one global IP address. This is equivalent to SUA (that is, PAT,
  port address translation), ZyXEL’s Single User Account feature that previous
  ZyXEL routers supported (the SUA Only option in today’s routers).
- Many to Many Overload: In Many-to-Many Overload mode, the ZyXEL Device
  maps multiple local IP addresses to shared global IP addresses.
- Many-to-Many No Overload: In Many-to-Many No Overload mode, the ZyXEL
  Device maps each local IP address to a unique global IP address.
- Server: This type allows you to specify inside servers of different services
  behind the NAT to be accessible to the outside world.
Port numbers do NOT change for One-to-One and Many-to-Many No Overload NAT mapping types.
The following table summarizes these types.
Table 48 NAT Mapping Types
TYPE                        IP MAPPING
One-to-One                  ILA1 ↔ IGA1
Many-to-One (SUA/PAT)       ILA1 ↔ IGA1
                            ILA2 ↔ IGA1
Many-to-Many Overload       ILA1 ↔ IGA1
                            ILA2 ↔ IGA2
                            ILA3 ↔ IGA1
                            ILA4 ↔ IGA2
Many-to-Many No Overload    ILA1 ↔ IGA1
                            ILA2 ↔ IGA2
                            ILA3 ↔ IGA3
Server                      Server 1 IP ↔ IGA1
                            Server 2 IP ↔ IGA1
                            Server 3 IP ↔ IGA1
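
The following added example (not part of the ZyXEL guide and not the device's firmware) models the behaviour described in sections 9.6.2, 9.6.3 and 9.6.5: Many-to-One translation of source address and port, restoration of the original values on replies, filtering of unsolicited inbound packets, and the effect of defining a Server mapping. The class name, the IGA value, the starting port and all addresses are assumptions chosen for illustration.

```python
# Added illustration: toy Many-to-One (SUA/PAT) translator with optional Server rules.
# All addresses and ports are constructed sample values (documentation ranges).
IGA = "203.0.113.5"   # assumed inside global address

class ManyToOneNat:
    def __init__(self, iga, first_port=50000):
        self.iga = iga
        self.next_port = first_port
        self.out = {}      # (proto, ILA, local port) -> global port
        self.back = {}     # (proto, global port) -> (ILA, local port)
        self.servers = {}  # (proto, global port) -> (server ILA, server port)

    def add_server(self, proto, port, ila, local_port=None):
        """Server mapping: make an inside server reachable on IGA:port."""
        self.servers[(proto, port)] = (ila, local_port or port)

    def outbound(self, proto, src, sport, dst, dport):
        """LAN -> WAN: replace ILA and source port, remember the originals."""
        key = (proto, src, sport)
        if key not in self.out:
            while (proto, self.next_port) in self.back or (proto, self.next_port) in self.servers:
                self.next_port += 1
            self.out[key] = self.next_port
            self.back[(proto, self.next_port)] = (src, sport)
            self.next_port += 1
        return (proto, self.iga, self.out[key], dst, dport)  # outside address untouched

    def inbound(self, proto, src, sport, dst, dport):
        """WAN -> LAN: restore the ILA. Toy model: matches on protocol and global port only."""
        if dst != self.iga:
            return None
        target = self.back.get((proto, dport)) or self.servers.get((proto, dport))
        if target is None:
            return None    # unsolicited and no Server rule: filtered out
        return (proto, src, sport, target[0], target[1])

def demo():
    nat = ManyToOneNat(IGA)
    a = nat.outbound("tcp", "192.168.1.10", 1025, "198.51.100.7", 80)
    b = nat.outbound("tcp", "192.168.1.11", 1025, "198.51.100.7", 80)
    reply = nat.inbound("tcp", "198.51.100.7", 80, IGA, a[2])
    probe = nat.inbound("tcp", "198.51.100.99", 40000, IGA, 23)    # no Server rule yet
    nat.add_server("tcp", 23, "192.168.1.12")                      # publish a telnet server
    exposed = nat.inbound("tcp", "198.51.100.99", 40000, IGA, 23)  # same packet now passes
    return a, b, reply, probe, exposed

if __name__ == "__main__":
    print(demo())
```

The same inbound packet is dropped before the Server rule exists and forwarded after it, so the filtering described in 9.6.2 applies only to ports for which no Server mapping is defined.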