Understanding Address Translation

Address translation can occur one of two ways: inside or outside source translation.

Inside Source Translation

Inside source translation is the most commonly used NAT configuration. When an inside host sends a packet to the outside network, the NAT router translates the source information (either the source address or the source address/port pair) and, in the inbound direction, restores the original information (this time operating on the destination address or address/port pair).

For outbound traffic, the NAT router translates the inside local address (or address/port) into the inside global address (or address/port), either through a statically defined translation or dynamically created translation. For inbound traffic, a translation must be found to revert the inside global address (or address/port) into the inside local address (or address/port), or the packet is not routed into the inside network.

Note: Dynamic inside source translations are established by outbound traffic.

You use inside source translation in traditional and bidirectional NAT configurations.

Outside Source Translation

Outside source translation is used in NAT configurations only when addresses of external hosts might create a conflict on the private network. This complementary translation process is performed on the opposite addressing fields in the IP packet. When an outside host sends a packet to the inside network, the NAT router translates the source information (either the source address or the source address/port pair) and, in the outbound direction, restores the original information (this time operating on the destination address or address/port pair).

For inbound traffic, the NAT router translates the outside global address (or address/port) into the outside local address (or address/port), either through a statically defined translation or dynamically created translation. For outbound traffic, a translation must be found to revert the outside local address (or address/port) into the outside global address (or address/port), or the packet is not routed into the outside network.

Note: Dynamic outside source translations are established by inbound traffic.

You use outside source translation along with inside source translation to configure twice NAT.