Why use NAT instead of PAT?

Hi everyone, I'm studying the use of NAT and PAT, although the latter is a function of NAT. Before studying, I knew that NAT (and not PAT) was a protocol that allowed many IPs to be routed on the internet with a single address. Studying it, I realized that there is static NAT, dynamic NAT and then, as I said, PAT. I wonder why I would use static NAT when I still have to assign a public address for each private IP address on the network? This is not address saving; at this point one uses PAT directly, or dynamic NAT as a middle ground. Of course this also depends on the applications that a network uses, but in my opinion we cannot speak of static NAT as a protocol to save public IP addresses on the internet. Hello and thanks

Accepted Solutions

NAT/PAT was designed to solve specific problems:

  • It saves IPv4 address-space when communicating with the public internet. Here we need "NAT overloading, masquerading, PAT" or however it is named. A 1:1 NAT implementation would not solve the problem, as you correctly say. But this PAT also breaks some protocols that are not compatible with PAT. Luckily most of these protocols are not relevant when communicating to the internet.
  • It can solve the problem when communicating with business-partners over private links and these business-partners use the same address-space. Here 1:1 NAT for the whole network is typically used. PAT is not used because it is not needed and to avoid the problems with PAT.

With IPv6, there are other problems. We don't need PAT any more as with a /56 network, the typical company has enough addresses. Also for the communication with business-partners there is no need as the other side almost always has different addresses.

But a new problem arose: Customers wanting to be multihomed, but do not have (for whatever reason) Provider independent IP addresses. With address-range A from ISP1 and address-range B from ISP2, you have to make sure that you always use the "right" addresses when sending the traffic to a specific ISP.

NAT for the internal network can solve this problem with quite low effort.
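
The two cases from the answer above, modelled as an added example (not part of the original post and not any vendor's implementation): a PAT table that lets many inside hosts share one public address, and a 1:1 network NAT that only swaps the prefix, as used toward a partner with overlapping address space. All addresses, the port range and the names `Pat`, `static_nat` and `demo` are constructed for illustration.

```python
import ipaddress

class Pat:
    """PAT/overload: one public address, the translated port identifies the flow."""
    def __init__(self, public_ip, first_port=1024, last_port=65535):
        self.public_ip = public_ip
        self.free = iter(range(first_port, last_port + 1))
        self.out = {}   # (inside_ip, inside_port) -> public_port
        self.back = {}  # public_port -> (inside_ip, inside_port)

    def outbound(self, src_ip, src_port):
        key = (src_ip, src_port)
        if key not in self.out:
            port = next(self.free, None)
            if port is None:
                raise RuntimeError("PAT port pool exhausted")
            self.out[key] = port
            self.back[port] = key
        return self.public_ip, self.out[key]

    def inbound(self, dst_port):
        # Return traffic is only deliverable if an inside host created the entry.
        # A protocol that expects the peer to open a new connection toward the
        # inside host finds no entry here, which is how PAT breaks it.
        return self.back.get(dst_port)

def static_nat(addr, inside_net, mapped_net):
    """1:1 network NAT: replace the prefix, keep the host bits, leave ports alone."""
    inside = ipaddress.ip_network(inside_net)
    mapped = ipaddress.ip_network(mapped_net)
    ip = ipaddress.ip_address(addr)
    if inside.prefixlen != mapped.prefixlen or ip not in inside:
        raise ValueError("address outside the translated network")
    offset = int(ip) - int(inside.network_address)
    return str(mapped.network_address + offset)

def demo():
    # Constructed sample: 200 inside hosts, each opening one flow from port 50000.
    hosts = [f"10.0.0.{h}" for h in range(1, 201)]
    pat = Pat("203.0.113.10")
    flows = [pat.outbound(h, 50000) for h in hosts]
    pat_addresses = len({ip for ip, _ in flows})          # addresses consumed by PAT
    # Partner also uses 10.0.0.0/24, so our side is presented as 172.16.50.0/24.
    one_to_one = {static_nat(h, "10.0.0.0/24", "172.16.50.0/24") for h in hosts}
    return pat_addresses, len(one_to_one), pat.inbound(flows[0][1]), pat.inbound(9)

if __name__ == "__main__":
    print(demo())
```
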

2 Replies

Thanks perfect explanation