Basics On Azure - Network Address Translation (NAT)

Hello everyone. I recently came across the topic of NAT, and it felt so interesting that I wanted to share what NAT is and how it works. This is for understanding networking on Azure. Of course, we are mainly interested in the cloud tool, but it is good to know what happens under the hood, and it will help when you deal with the networking part in Azure.
 
In this post we will discuss:
  • What is NAT
  • How NAT came into the picture and a little history
  • How NAT works
  • Types of NAT

What is Network Address Translation (NAT)

 
NAT is used to enable multiple hosts on a private network to connect to the Internet using a single public IP address. In other words, the basic idea of NAT is to allow multiple devices to access the Internet through a single public address.
 
So basically, NAT helps a private network communicate with the public network (the Internet).
 

How NAT came into the picture and a little history

 
Back in 1994, there was a problem with IPv4: IP addresses were allocated based on class. Class A addresses were given to big companies, smaller companies were given class B, smaller ones got a class C address, and so on. The main problem with this method was that millions of class A addresses were wasted and many of the class B addresses were wasted, whereas the number of addresses available in class C is so small that it cannot cater to the needs of organizations.
 
 
The solution to this problem was to create several private IP address ranges: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 (Learn more about private IP.) In this way, we were able to solve the problems with classful addressing, because we can set up a network and pick one of these ranges to build it. But again there was a problem: this doesn't allow us to communicate on the public internet, because on the public internet we have to use a public IP address. That's where NAT came into the picture; it solves this problem by allowing us to communicate with the public internet. So let us see how NAT solves this problem.
 

How NAT works

Network address translation between a private network and the Internet
 
Image credit: Wikipedia
 
In the above picture there is a host connected to a private network, a router most likely configured to use NAT, and a server connected to the internet. Suppose we want to send a message to the server from an internal device that is connected to the private network, with the source address 10.0.0.1 and destination address 200.100.10.1.
 
When we send this message out, it will easily be transferred to the server, because our router looks at the destination address, which is 200.100.10.1.
 
But what happens when the server responds? Let's find out. When the server responds, the destination IP will be 10.0.0.10 and the source IP will be 200.100.10.1. We know the private IP address is not routable, so the packet gets rejected and thrown away.
 
Here comes the use of NAT. When the message reaches the router, which is configured to use NAT, the router takes the source IP (10.0.0.1), stores it in a table (also known as the NAT table), and replaces it with the public IP (150.150.0.1).
 
Now, if we send any message from the private IP to the internet, it will reach the server, and when the server responds, the destination IP will be 150.150.0.1, which is public and points to our router. Once the router receives the message, it looks in the NAT table, removes the public IP 150.150.0.1, replaces it with the private address 10.0.0.10, and forwards the message back to the device.
 

Types of NAT

  • Static NAT
    A single private IP address is mapped to a public IP address and is generally used for Web hosting.
  • Dynamic NAT
    A private IP address is translated into a public IP address from a pool of public IP addresses.
  • Port Address Translation (PAT)
    Many private IP addresses can be translated to a single registered IP address. Port numbers are used to distinguish the traffic.
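
The NAT table lookup from "How NAT works", combined with the port-based mapping described under PAT, as an added example that is not part of the original post. The addresses 10.0.0.1, 150.150.0.1 and 200.100.10.1 come from the post; the second host 10.0.0.2, the port numbers, the stray sender 198.51.100.7 and the class names are constructed for illustration.

```python
from dataclasses import dataclass, replace
from typing import Optional

PUBLIC_IP = "150.150.0.1"  # router's public address, from the post

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class PatRouter:
    """Minimal PAT model: many private hosts share one public IP."""
    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port  # constructed public port range
        self.out = {}   # (priv_ip, priv_port, dst_ip, dst_port) -> public port
        self.back = {}  # (public port, remote_ip, remote_port) -> (priv_ip, priv_port)

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite the private source and record the mapping in the NAT table."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
            self.next_port += 1
        return replace(pkt, src_ip=self.public_ip, src_port=self.out[key])

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Restore the private destination, or drop if no table entry matches."""
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self.back.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if entry is None:
            return None  # unsolicited traffic: there is nothing to translate to
        return replace(pkt, dst_ip=entry[0], dst_port=entry[1])

def demo():
    router = PatRouter(PUBLIC_IP)
    server = ("200.100.10.1", 80)
    a = router.outbound(Packet("10.0.0.1", 51000, *server))
    b = router.outbound(Packet("10.0.0.2", 51000, *server))  # constructed second host
    reply_a = router.inbound(Packet(*server, a.src_ip, a.src_port))
    reply_b = router.inbound(Packet(*server, b.src_ip, b.src_port))
    stray = router.inbound(Packet("198.51.100.7", 4444, PUBLIC_IP, a.src_port))
    return a, b, reply_a, reply_b, stray
```

The stray packet is dropped only because no table entry matches it; that is a side effect of translation, not a filtering policy, so NAT does not replace firewall rules.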
That’s it, I hope it helps you in some way.
 
Stay home, stay safe, and happy learning.