Network Address Translation (NAT) is a feature of the Cisco Internetwork Operating System (IOS) that maps private IP addresses to globally unique IP addresses for use on the Internet. NAT is available on Cisco IOS versions 11.2 and higher and runs on a router with connections to the internal network and external Internet.

When to use NAT
Network Address Translation can be implemented in a network consisting entirely of private IP addresses or in an environment with private and globally unique IP addresses. NATs can provide access to the Internet for clients located on the internal network, or NATs can allow users on the Internet to connect to servers on the private internal network. The proper use of an NAT is to hide internal servers from the outside world (i.e., the Internet) or to utilize a few registered, globally unique IP addresses to provide Internet connectivity to several users on a private network.

When not to use NAT
NAT is a good feature to use if you are trying to avoid the cost of purchasing registered IP addresses; however, there are some scenarios that prevent the use of NAT. For example, since the entire private network is sharing a pool of addresses to connect to the Internet, logging and tracing Internet activity for specific users is not possible. Additionally, the translation being performed by NAT can cause transport delays and increase router CPU usage. This means time-sensitive applications could be affected by the NAT and could time out or lose connectivity. Furthermore, if a router’s CPU utilization is already high, NAT can add even more overhead, greatly affecting the router’s performance.

Things to consider
The decision to implement NAT should be based on a number of factors. A few items to consider include:

  • The number of clients or servers that need to be connected to the Internet
  • The cost of purchasing globally unique, registered IP addresses
  • The importance of traceability and logging
  • CPU usage, transport delay, and application sensitivity

Once you have considered these factors, you may find NAT to be an efficient, cost-effective means of connecting to the Internet.

Warren Heaton, CCDA, CCNA, MCSE+I, is the Cisco program manager for A Technological Advantage in Louisville, KY.

If you’d like to share your opinion, please post a comment at the bottom of this page or send the editor an e-mail.