Network address translation, Introduction, Configuring nat – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

ServerIron ADX Security Guide

97

53-1002440-03

Chapter

4

Network Address Translation

Introduction

Network Address Translation (NAT) translates one IP address into another. For example, it
translates an internal private IP address (nonregistered) into an external unique IP address
(registered) used on the Internet.

FIGURE 5

Mapping an internal address to an external address

NAT also provides a more graceful renumbering strategy for organizations changing service
providers or voluntarily renumbering into Classless Interdomain Routing (CIDR) blocks.

The standard NAT support described in this section provides translation for hosts attached to
private networks on the ServerIron ADX, and is separate from the virtual IP address features
provided for Server Load Balancing (SLB). For example, standard NAT is not related to source IP
addresses used for multinetting the ServerIron ADX, performing health checks on remote servers,
and so on.

Configuring NAT

The following types of NAT are supported:

•

Static NAT — Maps a specific global IP address (Internet IP address) with a specific private
address. Static translation ensures the software always maps the same public address to a
given private address. For example, you can map 10.1.1.1 to 150.1.1.1. Use static NAT when
you want a specific host in the private network to always use the same Internet address when
communicating outside the private network. ServerIron ADX supports both inside to outside
network translation and outside to inside network Nat translation.

150.1.1.1

10.1.1.1

External

Internal

Internet or
Intranet Backbone

SI