Let’s say your network uses an IP addressing scheme that is valid and globally usable, but another
company is using it or you are no longer authorized to use it. Now imagine your ISP thinks it has
you locked in because it’s providing your IP address scheme, and it suddenly doubles your prices.
Rather than pay the higher prices, you shop for a new ISP with a different IP address range.
You finally find this terrific new ISP that is going to supply you with terrific Internet speeds
at a third of the cost of your other ISP. Unfortunately, it’s also going to supply you with a terrific
new IP address scheme that you must apply to your network. Even in a mid-sized network, you
would spend many hours changing your IP address scheme, and the wait would affect
your users tremendously. The solution is to implement NAT overlapping address translation.
In this section, you will learn how to translate IP addresses that are not legally usable on an
outside network such as the Internet into the new officially assigned IP addresses from your ISP.
For now, we will cover only the steps NAT uses to translate overlapping addresses. We will
cover configuring overlapping address translation later in this chapter, in the section “Configuring
NAT to Perform Overlapping Address Translation.”
The following steps are used when translating overlapping addresses:
1. The host on the inside network tries to open a connection to a host on the outside network
by using a fully qualified domain name (FQDN), requesting a name-to-address lookup
from an Internet Domain Name System (DNS) server.
2. The NAT border router intercepts the Internet DNS’s reply and begins the translation process
with the returned address if it overlaps an address that resides illegally in
the inside network.
3. To translate the returned address, the NAT border router creates a simple translation entry.
This entry maps the overlapping legal outside address to an address from an outside local
address pool of addresses legally usable on the outside network.
4. The NAT border router replaces the source address with the new inside global address,
replaces the destination address with the outside global address, and forwards the packet.
This translation is for new outgoing traffic to the newly DNS-learned IP address.
5. The host on the outside network receives the packet and continues the conversation.
6. For each packet sent from the outside to the inside host, the router will perform a NAT
table lookup, replace the inside global destination address with the inside local address, and
replace the outside global source address with the outside local address. Conversely, for
each packet sent from the inside to the outside host, the router will perform a NAT table
lookup, replace the outside local destination address with the outside global address, and
replace the inside local source address with the inside global address.
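The six steps above can be traced with a small model of the border router's two translation tables. This is an added example, not code from the original text or from any router implementation; the class name, the method names and every address (taken from the documentation ranges) are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class OverlapNat:
    inside_net: ipaddress.IPv4Network   # range used inside that overlaps outside hosts
    inside_global_pool: list            # addresses assigned by the new ISP
    outside_local_pool: list            # stand-ins for overlapping outside hosts
    inside: dict = field(default_factory=dict)   # inside local -> inside global
    outside: dict = field(default_factory=dict)  # outside global -> outside local

    def dns_reply(self, answer):
        """Steps 2-3: rewrite a DNS answer that falls in the overlapping range."""
        if ipaddress.ip_address(answer) not in self.inside_net:
            return answer  # no overlap, reply passes through unchanged
        if answer not in self.outside:
            self.outside[answer] = self.outside_local_pool.pop(0)
        return self.outside[answer]

    def outbound(self, src, dst):
        """Step 4 and the second half of step 6: inside host to outside host."""
        if src not in self.inside:
            self.inside[src] = self.inside_global_pool.pop(0)
        to_global = {v: k for k, v in self.outside.items()}
        return self.inside[src], to_global.get(dst, dst)

    def inbound(self, src, dst):
        """First half of step 6: outside host to inside host."""
        to_local = {v: k for k, v in self.inside.items()}
        if dst not in to_local:
            # No table entry: the packet cannot be mapped to an inside host.
            raise LookupError("no translation entry for " + dst)
        return self.outside.get(src, src), to_local[dst]

def demo():
    # Constructed sample: the inside network reuses 198.51.100.0/24, and the
    # outside host being looked up really lives at 198.51.100.25.
    nat = OverlapNat(
        inside_net=ipaddress.ip_network("198.51.100.0/24"),
        inside_global_pool=["203.0.113.10", "203.0.113.11"],
        outside_local_pool=["192.0.2.50", "192.0.2.51"],
    )
    seen = nat.dns_reply("198.51.100.25")         # address the inside host is given
    sent = nat.outbound("198.51.100.7", seen)     # (src, dst) as forwarded outside
    back = nat.inbound(*reversed(sent))           # reply packet as delivered inside
    return seen, sent, back

if __name__ == "__main__":
    print(demo())
```

An inbound packet whose destination has no entry in the table raises `LookupError` here, which mirrors the fact that the reverse translation in step 6 depends on state created by earlier outbound traffic.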