NAT & PAT

Network Address Translation rewrites IP headers at the boundary. PAT (overload) is what your home router does.

// example topology

inside · private

10.0.0.19

10.0.0.47

nat inside

▶

Gi0/0 · /16

NAT BOUNDARY

nat outside

▶

Gi0/1

outside · public

203.0.113.0/24

translation10.0.0.19 (inside local)→203.0.113.1 (inside global)

Static NAT1 : 1

One private IP permanently mapped to one public IP. Used for servers.

Dynamic NATM : N

Private IPs map to a pool of public IPs, first-come first-served.

PAT / OverloadM : 1

Many private IPs share one public IP, distinguished by source port. Your home router.

// the four address terms

Inside local

private IP on the LAN

Inside global

public IP the world sees

Outside local

how LAN sees the dest

Outside global

real public dest IP

nat / pat · cisco ios

interface Gi0/0
 ip address 10.0.0.1 255.255.0.0
 ip nat inside
!
interface Gi0/1
 ip address 203.0.113.1 255.255.255.0
 ip nat outside
!
access-list 10 permit 10.0.0.0 0.0.255.255
ip nat pool POOL 203.0.113.10 203.0.113.20 prefix-length 24
! Dynamic NAT
ip nat inside source list 10 pool POOL
! PAT (overload) out the outside interface
ip nat inside source list 10 interface Gi0/1 overload
! Static port-forward (DNAT)
ip nat inside source static tcp 10.0.0.3 80 203.0.113.1 80

verify

show ip nat translations verbose
show ip nat statistics
clear ip nat translations *
debug ip nat