Need Clarification on NAT definitions

aderon Member Posts: 404 ■■■■□□□□□□
I feel like I understand the first two, but the second two I can't grasp. What is physically represented by the inside global address and outside global address? Is it a host? On whose network? An interface on a router? Whose router? Which side of the router (inside or outside network)? Etc.

My Understanding:
Assuming my inside network is 192.168.0.0/24 and I'm trying to reach Google's DNS at 8.8.8.8. Also assuming that my ISP has assigned me public IP 150.0.0.1.

Inside local - Address assigned to a host on your inside network (Usually a private address, assigned statically or via DHCP)
Example: 192.168.0.2

Outside Local - Address assigned to your router's interface that connects to your ISP (Usually dynamically assigned by the ISP)
Example: 150.0.0.1

Inside Global Address - Address assigned to your router's interface that connects your inside network?
Example: 192.168.0.1

Outside Global Address - Address assigned to the interface connected to the ISP on the destination network's router?
Example: 8.8.8.8


Another thing: I found this graph that represents NAT. The graph states that, when the packet is on the inside network, the source address is the inside local and the destination address is the outside local. If the outside local is the IP address of the interface connected to your ISP, then why would it be a destination address? My understanding is that the destination IP address never changes, that only MAC addresses change?

Is this stating that all packets destined to go outside your network must first be sent to your router's interface that is connected to the ISP (At which point the packet is rewrapped with a new source address and destination address now that it's been translated by NAT?)

http://www.cisco.com/c/dam/en/us/support/docs/ip/network-address-translation-nat/4606-8a.gif



I'm clearly pretty confused and I am rambling at this point haha. Could anyone offer some clarification?
2019 Certification/Degree Goals: AWS CSA Renewal (In Progress), M.S. Cybersecurity (In Progress), CCNA R&S Renewal (Not Started)

Comments

  • Stevecb06 Member Posts: 32 ■■□□□□□□□□
    I am only currently studying for the CCENT myself, so I am certainly no professional. But, from my studies, this is my understanding:

    Inside Local - This is an address that is inside of your network, and which is only a local address that is not publicly routable. In your example it would be the 192.168.0.2 address, which is the host that is trying to contact the outside server.

    Inside Global - This is an address that is inside of your network, but is a publicly routable address that has been provided to you by your ISP. In this case it is the 150.0.0.1 address that would be assigned to the publicly facing interface on your router.

    The outside global address is the publicly routable address that is assigned to the publicly facing interface on the router of the destination network, and the outside local address is the private IP address assigned to the host you are trying to reach on the outside network.

    I think where you are getting confused is that the outside global address is not the publicly facing interface on your router, it is the publicly facing interface on the remote network's router.

    I hope I am right, if not someone please let me know!
  • aderon Member Posts: 404 ■■■■□□□□□□
    Thanks for the help! Also, after stumbling for a few hours I finally found something that I think cleared it all up for me. If anyone else finds this thread somehow, here's the link:

    https://supportforums.cisco.com/document/32521/ccna-ccnp-training-no-confusion-ip-nat-inside-outside-local-global
  • mikeybinec Member Posts: 484 ■■■□□□□□□□
    Outside local: Let's say you ping google.com -- as the ICMP travels back to you, it gets translated from its registered IP address
    to your local inside network of whatever RFC 1918 address you have set up.
    Cisco NetAcad Cuyamaca College
    A.S. LAN Management 2010 Grossmont College
    B.S. I.T. Management 2013 National University
  • james43026 Member Posts: 303 ■■□□□□□□□□
    When it comes to NAT, you have to consider the local and global as a matter of perspective.

    Inside Local: This is the IP address of an inside node as seen by hosts from the inside (local) of your network

    Inside Global: This is the IP address of an inside node as seen by the outside (global) of your network

    Outside Local: This is the IP address of the outside node as seen by nodes from inside (local) your network

    Outside Global: This is the IP address of the outside node as seen by nodes from outside (global) your network

    Great article for clarification
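
The perspective-based definitions in the last comment, applied to the original poster's addresses (192.168.0.2, 150.0.0.1, 8.8.8.8), as an added example that is not part of the thread: a simplified, address-only model of a NAT translation table (no ports). The class and method names and the 10.9.9.9 outside-local alias are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class NatEntry:
    inside_local: str    # inside host as seen from the inside network
    inside_global: str   # inside host as seen from the outside network
    outside_local: str   # outside host as seen from the inside network
    outside_global: str  # outside host as seen from the outside network

class NatRouter:
    """Address-only model of inside-source NAT, plus optional outside-source static NAT."""

    def __init__(self, inside_global, outside_static=None):
        self.inside_global = inside_global
        # Maps outside global -> outside local; empty when only inside NAT is configured.
        self.outside_static = dict(outside_static or {})
        self.table = []

    def outbound(self, src, dst):
        """Inside-wire header (inside local, outside local) -> outside-wire header."""
        to_global = {local: glob for glob, local in self.outside_static.items()}
        entry = NatEntry(src, self.inside_global, dst, to_global.get(dst, dst))
        if entry not in self.table:
            self.table.append(entry)
        return entry.inside_global, entry.outside_global

    def inbound(self, src, dst):
        """Outside-wire header (outside global, inside global) -> inside-wire header."""
        for e in self.table:
            if (e.outside_global, e.inside_global) == (src, dst):
                return e.outside_local, e.inside_local
        return None  # no matching translation entry, so the packet is not forwarded

if __name__ == "__main__":
    plain = NatRouter("150.0.0.1")
    print(plain.outbound("192.168.0.2", "8.8.8.8"))
    print(plain.table[0])
    # Constructed case: the outside host is presented to inside hosts as 10.9.9.9.
    aliased = NatRouter("150.0.0.1", outside_static={"8.8.8.8": "10.9.9.9"})
    print(aliased.outbound("192.168.0.2", "10.9.9.9"))
    print(aliased.inbound("8.8.8.8", "150.0.0.1"))
```

With only inside-source translation, the outside local and outside global columns hold the same address; they differ only when the outside host's address is also translated. When correlating an external log entry back to an internal host, the inside global is the value the remote side recorded and the inside local is the host to look for.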