What is DNAT?
One particular kind of NAT that converts a packet’s destination IP address is called destination network address translation, or DNAT. DNAT is mostly used to reroute incoming traffic from a public IP address and port to a private IP address and port on a local network, as opposed to normal NAT, which translates the source address. This is often referred to as port forwarding.

Purpose of DNAT: DNAT enables hosts on external networks, like the Internet, to establish connections with particular internal hosts (like servers) that use private IP addresses or addresses that are not directly routable on the Internet. Since these internal servers' private IP addresses are concealed from the public, external users would not be able to contact them directly without DNAT. Its primary use is to enable public Internet access to internal (private) servers.
Terminology in DNAT Context
Outside local address: This term applies specifically to destination NAT. It is the address used to represent an external host to the inside network. In DNAT scenarios it is the translated view of an external host as seen from the internal network.
Outside global address: This is the actual IPv4 address at which a host on the Internet can be reached. In DNAT, the "outside global" from the server's point of view is the "inside global" address, which is a public IP address that represents an internal server and is usually where an external client sends traffic.
How DNAT Works (with Static NAT as a prime example)
Static NAT is the most often used DNAT implementation. A public global IP address (inside global address) and a private internal IP address (inside local address) are permanently mapped one to one by static NAT. For servers that require constant Internet accessibility, such as web or email servers, this is especially helpful.
Here’s a step-by-step process:
- Request: An Internet user sends a request to 203.0.113.5:8080, a public IP and port. This public IP is frequently owned by the private network's edge router or firewall.
- DNAT Rule: The NAT router or firewall intercepts the request. Its DNAT rule maps 203.0.113.5:80 to the internal IP and port 192.168.1.10:80.
- Translation: The router checks the destination IP and port against the DNAT rule. The packet's destination address is changed from 203.0.113.5 to 192.168.1.10, the internal server's private IP, and to the proper port.
- Forwarding: The router forwards the updated packet to the internal server. The server receives the request from a device on its local network (the router's private interface).
- Return Traffic: The internal server responds from its own IP. Before sending the return packet to the external client, the NAT device changes its source address to the public IP address. This lets the internal server and the external client communicate as though the server had a public IP address.
Example Scenario
- Public IP router: 203.0.113.5.
- The internal webserver is 192.168.1.10.
- DNAT redirects 203.0.113.5:80 to 192.168.1.10:80.
- Internet users can access the internal web server like a public one.
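The example scenario above, modelled as a small translation table with connection tracking. This is an added illustration, not code from any router or firewall; the `DnatRouter` class, its method names, and the client address 198.51.100.7 are constructed for the example. It shows the inbound destination rewrite, the reverse rewrite on the reply, and that traffic with no matching rule is not forwarded inside.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class DnatRouter:
    """Toy NAT device: rewrites destinations inbound, restores sources outbound."""

    def __init__(self):
        self.rules = {}      # (public_ip, public_port) -> (private_ip, private_port)
        self.conntrack = {}  # (client_ip, client_port, private_ip, private_port) -> public pair

    def add_rule(self, public, private):
        self.rules[public] = private

    def inbound(self, pkt):
        """Packet arriving on the outside interface."""
        target = self.rules.get((pkt.dst_ip, pkt.dst_port))
        if target is None:
            return None  # no DNAT rule matches: nothing is forwarded inside
        # Remember the original destination so the reply can be un-translated.
        self.conntrack[(pkt.src_ip, pkt.src_port, *target)] = (pkt.dst_ip, pkt.dst_port)
        return replace(pkt, dst_ip=target[0], dst_port=target[1])

    def outbound(self, pkt):
        """Reply from the internal server arriving on the inside interface."""
        key = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        original = self.conntrack.get(key)
        if original is None:
            return None  # not a reply to a tracked DNAT connection
        return replace(pkt, src_ip=original[0], src_port=original[1])

def demo():
    router = DnatRouter()
    router.add_rule(("203.0.113.5", 80), ("192.168.1.10", 80))
    request = Packet("198.51.100.7", 51000, "203.0.113.5", 80)  # constructed client
    forwarded = router.inbound(request)
    # The server answers by swapping source and destination of what it received.
    reply = Packet(forwarded.dst_ip, forwarded.dst_port, forwarded.src_ip, forwarded.src_port)
    returned = router.outbound(reply)
    unmatched = router.inbound(Packet("198.51.100.7", 51001, "203.0.113.5", 22))
    return forwarded, returned, unmatched
```

Only the public IP and port pairs listed in `rules` reach an internal host, so the rule table is the complete list of what the network exposes.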
Contrast with Source NAT (SNAT)
- To conserve public IPv4 addresses, Source NAT (SNAT) modifies the source IP address of packets coming from the internal network as they go to the external network. With SNAT, the packet's destination IP address usually stays the same.
- In contrast, DNAT allows external reachability to internal resources by explicitly changing the destination IP address for incoming connections.
Common Uses of DNAT
- Hosting: Running a web, FTP, or game server on a private network and making it available to others.
- Remote Access: Allowing external users to use RDP or SSH to access a private network computer.
- Redirect traffic to proxy servers or load balancers.
- Using external databases or VPNs to access internal services.
- Security Cameras: Accessing a security camera system remotely from a location outside of the local network.
Implementation:
A NAT-enabled device, like a router or firewall, usually operates at the boundary of a stub network, between the internal (private) network and the external (public) network (such as the Internet). It sits between the "outside" interface, which links to the public network, and the "inside" interface, which connects to the private network.
Advantages of DNAT

- Provides public access to private or internal servers without directly granting them a public IP address.
- Provides the option to host several services under a single public IP address.
- For extra security, it can be used with firewall rules.
Disadvantages of DNAT
- If not adequately secured, exposes internal resources to the internet.
- Careful configuration is necessary to prevent vulnerabilities.
- Troubleshooting may be harder with more DNAT rules.
DNAT redirects incoming traffic from a public IP to a private internal server to host internal services for external users.