What is Static and Dynamic NAT?
Both static and dynamic NAT require that enough public addresses are available to satisfy the total number of simultaneous user sessions.
What is Static NAT
Static NAT also called inbound mapping, is the process of mapping an unregistered IP address to a registered IP address on a one-to-one basis. The unregistered or mapped IP address is assigned with the same registered IP address each time the request comes through. This process is particularly useful for web servers or hosts that must have a consistent address that is accessible from the Internet.
Simply, Static NAT enables a PC on a stub domain to maintain an assigned IP address when communicating with other devices outside its network or the Internet.
Static NAT configuration commands example:
R1#config t
R1(config)#ip nat inside source static 10.10.10.2 212.165.200.123
R1(config)#interface fa0/0 10.10.10.1 255.255.255.0
R1(config)#ip nat inside
R1(config)#interface se0/0 192.168.1.1 255.255.255.0
R1(config)#ip nat outside
The above configuration creates a permanent entry in the NAT table as long as the configuration is present and enables both inside and outside hosts to initiate a connection.
All you need to do in static NAT configuration is to define the addresses to translate and then configure NAT on the right interfaces. Packets arriving on an inside interface from the identified IP addresses are subject to translation. Packets arriving on an outside interface addressed to the identified IP address are subject to translation.
Dynamic NAT
Unlike static NAT which provides a permanent mapping between an internal address and a specific public address, dynamic NAT maps private IP addresses to public addresses. Dynamic NAT uses a pool of public addresses and assigns them on a first-come, first-served basis.
When a host with a private IP address requests access to the Internet, dynamic NAT chooses an IP address from the pool that is not already in use by another host. Dynamic NAT is useful when fewer addresses are available than the actual number of hosts to be translated.
Dynamic NAT configuration commands example:
R1#config t
R1(config)#ip nat-pool 179.9.8.80 179.9.8.95 netmask 255.255.255.0
R1 (config #ip nat inside source list 1 pool nat-pool1
R1 (config)#interface fa0/0 10.10.10.1 255.255.255.0
R1(config)#ip nat inside
R1(config)#interface se0/0
R1(config)#ip address 192.168.1.1 255.255.255.0
R1(config)#ip nat outside
R1(config)#access-list 1 permit 10.10.10.0 0.0.0.255
While static NAT provides a permanent mapping between an internal address and a specific public address, dynamic NAT maps private IP addresses to public addresses. These public IP addresses come from a NAT pool.
Note:
When configuring dynamic NAT, you need an ACL to permit only those addresses that are to be translated. Remember, you have to add an implicit “deny all” at the end of each ACL.
Overall, Static and dynamic NATs serve the same purpose of translating private IP addresses to public IP addresses, but they differ in how they handle the translation process. Static NAT involves manually configuring a one-to-one mapping between private and public IP addresses, while dynamic NAT dynamically assigns public IP addresses from a pool to private IP addresses as needed. Both types of NAT play a crucial role in allowing devices with private IP addresses to communicate with devices on public networks.
NAT Overload or Port Address Translation (PAT)
