M6Q27: Network Address Translation

Question 1

Source NAT changes the destination address of IP packets as they pass through the router

A. True
B. False

Answer 1

B. False

Explanation: There are two basic concepts that are the foundation of NAT: Source NAT and Destination NAT. Source NAT is when the source IP address in a packet is changed as it moves through a router. Destination NAT is when the destination IP address in a packet is changed as it moves through the router.

Question 2

This type of NAT maps only a single IP address to another single IP address.

A. Source NAT
B. Dynamic NAT
C. Destination NAT
D. Static NAT

Answer 2

D. Static NAT

Explanation: Static NAT is used to statically map a single IP to another single IP. This can be done based on the source (Static Source NAT) or based on the destination (Static Destination NAT).

Question 3

This type of NAT uses a pool of addresses to map one IP address to another. In this case it is still a one-toone translation, but the IP address being mapped can be randomized from the NAT pool.

A. Source NAT
B. Dynamic NAT
C. Destination NAT
D. Static NAT

Answer 3

B. Dynamic NAT

Explanation: Dynamic NAT allows for the creation of pools of addresses to be NAT’ed. Pools can be used on both the source and the destination.

Question 4

PAT (aka overload NAT or NAT Hide) allows for translating multiple internal IP addresses into a single external IP address. This is used on internet gateway routers, firewalls, and home and SOHO routers. The term PAT means ___________________.

A. Private Address Translation
B. Primary Address Translation
C. Port Address Translation
D. Public Address Translation

Answer 4

C. Port Address Translation

Explanation: PAT (Port Address Translation) is the #1 use of NAT. It is also sometimes called NAT hide, masquerade NAT, and overload NAT. PAT is a combination of Dynamic NAT and tracking the NAT sessions with randomized TCP port numbers to keep each session separate. In this way it is possible to translate a large pool of internal private addresses into a single public address that is routable on the global internet. This effectively hides the entire internal network and the world only sees a single public IP even if there are many users inside the network accessing the internet at the same time.

Question 5

When viewing a NAT session in a NAT table the source address from the internal network is referred to as _______________.

A. Inside Local
B. Inside Global
C. Outside Local
D. Outside Global

Answer 5

A. Inside Local

Explanation: NAT/PAT sessions are tracked in a NAT table in the router or firewall. As NAT sessions are created there are individual components called Inside Local, Inside Global, Outside Local and Outside Global. Inside Local is the source internal address that belongs the computer initiating the NAT session including the NAT session randomized TCP port. Inside Global is the public address that the Inside Local is being translated to including the NAT session randomized TCP port. Inside Global is the translated public IP addresses with the destination TCP port and the Outside Global is the destination IP address on the internet including the port number.