SNAT (Source Network Address Translation)
SNAT is a type of Network Address Translation (NAT) that modifies the source address of IP packets as they pass through a router or firewall. It's commonly used to allow multiple devices on a private network to access the internet using a single public IP address, because the number of available IPv4 addresses is limited and most organizations don't have a public IP for every device.
SNAT allows:
Privacy: Internal IP addresses are hidden from the external network.
Security: Unsolicited inbound packets match no translation entry, so it is harder for attackers to reach internal devices directly.
Conservation of IP addresses: Many devices can share one or a few public IPs.
In a typical SNAT scenario, the source IP addresses of outgoing packets are changed from private IP addresses to the router's public IP address. When responses return, the router reverses the translation to route the packets back to the original sending device.
Use in Load Balancing: SNAT is also used in load balancing scenarios where the source IP is modified to ensure the return path of the packets goes through the load balancer, maintaining session consistency.
Dynamic and Static SNAT: SNAT can be dynamic, where the source IP is chosen from a pool of available addresses, or static, where a specific source IP is consistently used for a particular source or group of sources.
Refer: https://www.expertnetworkconsultant.com/expert-approach-in-successfully-networking-devices/navigating-network-address-translation-understanding-the-difference-between-dnat-and-snat/
DNAT (Destination Network Address Translation)
DNAT is the counterpart to SNAT, where the destination IP address of incoming packets is changed. This is often used to direct traffic coming to a public-facing IP address to a specific device in the private network. Common uses of DNAT include:
Hosting servers: If you host a web server on your private network, DNAT can route HTTP requests from the internet to the internal server.
Load balancing: DNAT can distribute incoming requests to multiple servers based on predefined rules, enhancing performance and redundancy.
DNAT allows external devices to initiate communication with specific devices within a private network, typically through configured port forwarding rules.
Application in Port Forwarding: DNAT is commonly used in port forwarding, allowing external users to access services on a private network server. Each service can be assigned a specific port, and DNAT rules direct traffic to the correct server based on the destination port number.
Security Considerations: While DNAT is useful, it can introduce security risks: every forwarded port exposes an internal service to the external network. Proper security measures, like firewalls and access control lists, are essential to protect the network.
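The outbound translation and reply reversal described under SNAT, and the port-forwarding rules described under DNAT, modelled as an added Python example (not code from this page or from the linked article). The gateway address 203.0.113.5, the private hosts and the port numbers are constructed values; the rule that a reply must come from the same remote endpoint that the tracked flow was sent to is this model's assumption, since real NAT devices differ in how strictly they filter.

```python
from dataclasses import dataclass, replace
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class NatGateway:
    """Toy NAT gateway: SNAT with connection tracking plus DNAT port forwarding."""
    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port  # SNAT ports start above any forwarded port
        self.snat = {}     # (src, sport, dst, dport) -> public port given to that flow
        self.reverse = {}  # public port -> that flow, used to un-translate replies
        self.dnat = {}     # public port -> (internal ip, internal port)
        self.undnat = {}   # (internal ip, internal port) -> public port

    def add_port_forward(self, public_port: int, ip: str, port: int) -> None:
        self.dnat[public_port] = (ip, port)
        self.undnat[(ip, port)] = public_port

    def outbound(self, pkt: Packet) -> Packet:
        """Private -> internet: undo DNAT for a forwarded server's replies, else SNAT."""
        if (pkt.src, pkt.sport) in self.undnat:
            return replace(pkt, src=self.public_ip, sport=self.undnat[(pkt.src, pkt.sport)])
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        port = self.snat.get(flow)
        if port is None:  # first packet of a new flow: allocate the next public port
            port, self.next_port = self.next_port, self.next_port + 1
            self.snat[flow] = port
            self.reverse[port] = flow
        return replace(pkt, src=self.public_ip, sport=port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Internet -> private: the rewritten packet, or None when the gateway drops it."""
        if pkt.dst != self.public_ip:
            return None
        flow = self.reverse.get(pkt.dport)
        if flow is not None:  # reply to a tracked flow: only the same remote endpoint may use it
            if (pkt.src, pkt.sport) != (flow[2], flow[3]):
                return None
            return replace(pkt, dst=flow[0], dport=flow[1])
        if pkt.dport in self.dnat:  # unsolicited, but a port-forwarding rule admits it
            ip, port = self.dnat[pkt.dport]
            return replace(pkt, dst=ip, dport=port)
        return None  # no state and no rule: internal hosts stay unreachable
```

Packets that reach a forwarded port are admitted with no connection state at all, which is the exposure the Security Considerations paragraph refers to.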
IP Address
An IP (Internet Protocol) address is a unique identifier for a device on a network. There are two versions:
IPv4: The most widely used form, consisting of four numbers separated by dots, e.g., 192.168.1.1. Each number can be from 0 to 255.
IPv6: Developed to deal with IPv4 address exhaustion, using much longer 128-bit addresses written in hexadecimal, which gives a vastly larger address space.
IP addresses are essential for routing data across networks, ensuring that packets reach their correct destinations.
Subnetting: IP addresses can be further divided into subnetworks (subnets) to organize and manage networks more efficiently. Subnetting involves borrowing bits from the host portion of the address to create multiple smaller networks within a larger network.
Public vs. Private IP Addresses: Public IPs are globally unique and used for devices communicating over the internet. In contrast, private IPs are used within local networks and are not routable on the internet. Private IP ranges (like 192.168.x.x for IPv4) are set aside specifically for internal use.
Netmask
A netmask, or network mask, is used to divide IP addresses into two parts: one representing the network and the other representing devices (hosts) on that network. It's a way of defining the size or range of a network. For IPv4:
A common netmask is 255.255.255.0, used for small networks. This indicates that the first three numbers in an IP address identify the network, while the last number identifies a specific device.
A netmask works by applying a bitwise AND operation between the IP address and the netmask. The result reveals the network portion of the IP address.
Netmasks are crucial for understanding the structure of networks, determining how many devices can be part of a network, and setting up routing rules.
CIDR Notation: Netmask can also be expressed in Classless Inter-Domain Routing (CIDR) notation, which specifies the number of bits that represent the network portion. For example, /24 corresponds to a netmask of 255.255.255.0, indicating that the first 24 bits are used for the network address.
Subnet Masks and Routing: Subnet masks play a crucial role in routing decisions. Routers use the subnet mask to determine whether a destination IP is within the same network (direct delivery) or if it needs to be forwarded to another router (indirect delivery).
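The bitwise AND, the CIDR conversion and the direct-versus-indirect delivery decision from the Netmask section, worked with plain 32-bit integer arithmetic as an added Python example (not code from this page); the function names are mine, and the "direct" result and gateway string returned by next_hop are just a convention chosen for the example.

```python
def ip_to_int(ip: str) -> int:
    """Pack a dotted-quad IPv4 address into a 32-bit integer, checking each octet is 0..255."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_to_mask(prefix: int) -> str:
    """CIDR /prefix -> dotted mask: the top `prefix` bits are ones, the rest zeros (/24 -> 255.255.255.0)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return int_to_ip((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)

def mask_to_prefix(mask: str) -> int:
    """Dotted mask -> CIDR prefix; rejects non-contiguous masks such as 255.0.255.0."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous netmask: {mask}")
    return prefix

def network_address(ip: str, mask: str) -> str:
    """Bitwise AND keeps the network bits and zeroes the host bits."""
    return int_to_ip(ip_to_int(ip) & ip_to_int(mask))

def broadcast_address(ip: str, mask: str) -> str:
    """Network bits kept, every host bit set to one."""
    return int_to_ip(ip_to_int(ip) | (~ip_to_int(mask) & 0xFFFFFFFF))

def usable_hosts(mask: str) -> int:
    """Host addresses available: all host-bit patterns minus the network and broadcast
    addresses; /31 (RFC 3021 point-to-point links) and /32 have no such reservation."""
    host_bits = 32 - mask_to_prefix(mask)
    return 2 ** host_bits - 2 if host_bits >= 2 else 2 ** host_bits

def same_subnet(a: str, b: str, mask: str) -> bool:
    return network_address(a, mask) == network_address(b, mask)

def next_hop(src: str, dst: str, mask: str, gateway: str) -> str:
    """Forwarding decision from the text: deliver directly when the destination shares the
    sender's subnet, otherwise hand the packet to the gateway (indirect delivery)."""
    return "direct" if same_subnet(src, dst, mask) else gateway
```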