NAT (Network Address Translation) Setup in Multi-WAN Routers
NAT (Network Address Translation) is the rewriting of IP headers as packets pass through a router, modifying either the source IP address (source NAT) or the destination IP address (destination NAT). NAT was born primarily out of the demand for more IP addresses for networked devices where the IP addresses provided by the ISP cannot be used. A clever, practical solution was to make a local subnet of IP addresses available to devices on a LAN (Local Area Network) and have them use the source IP address of the WAN (Wide Area Network) link when they go out to the public Internet. In a sense, a single external IP address is “shared” by the local devices. Keeping track of these translations, back and forth, for the flows going in and out of the router at the edge between the LAN and the WAN is essentially what NAT does.
So, what happens to NAT when you have multiple WAN links with various IP addresses on an edge router? The question becomes even more relevant with SD-WAN appliances that can make routing decisions on a per-flow and per-packet basis. As an IT manager, do you have to manage, configure and maintain the NAT tables in order for traffic to function correctly with multi-WAN devices?
The short answer is: it depends on your SD-WAN appliance. In modern SD-WAN appliances, performance optimization is done behind the scenes and the majority of routing decisions are made intelligently by the appliance. In that type of setup, NAT is taken care of by the router and no additional NAT tables need to be maintained by the user (except, of course, for custom configuration rules that the user wants to inject).
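A simplified model of the per-flow translation state an edge router with several WAN links has to keep, written as an added example (it is not Mushroom Networks' code or any appliance's implementation). The class name, the round-robin link choice, the port numbering and the documentation-range IP addresses are assumptions made for illustration.

```python
from itertools import cycle

class MultiWanNat:
    """Simplified source-NAT model: one translation entry per outbound flow."""

    def __init__(self, wan_ips, first_port=40000):
        self.wan_ips = list(wan_ips)
        self._next_wan = cycle(self.wan_ips)  # assumed per-flow policy: round robin
        self._next_port = {ip: first_port for ip in self.wan_ips}
        self.out = {}   # (proto, lan_ip, lan_port, dst_ip, dst_port) -> (wan_ip, wan_port)
        self.back = {}  # (proto, wan_ip, wan_port, dst_ip, dst_port) -> (lan_ip, lan_port)

    def outbound(self, proto, lan_ip, lan_port, dst_ip, dst_port):
        """Translate a LAN packet; an existing flow keeps its WAN address."""
        key = (proto, lan_ip, lan_port, dst_ip, dst_port)
        if key not in self.out:
            wan_ip = next(self._next_wan)
            wan_port = self._next_port[wan_ip]
            self._next_port[wan_ip] += 1
            self.out[key] = (wan_ip, wan_port)
            self.back[(proto, wan_ip, wan_port, dst_ip, dst_port)] = (lan_ip, lan_port)
        return self.out[key]

    def inbound(self, proto, wan_ip, wan_port, src_ip, src_port):
        """Reverse-translate a reply; None means no matching flow, so drop it."""
        return self.back.get((proto, wan_ip, wan_port, src_ip, src_port))

    def link_down(self, wan_ip):
        """Remove a failed WAN link and every flow translated to its address."""
        self.wan_ips.remove(wan_ip)
        self._next_wan = cycle(self.wan_ips)
        for key, (ip, port) in list(self.out.items()):
            if ip == wan_ip:
                del self.out[key]
                del self.back[(key[0], ip, port, key[3], key[4])]

if __name__ == "__main__":
    # Constructed sample: two WAN addresses and one LAN client flow.
    nat = MultiWanNat(["198.51.100.10", "203.0.113.20"])
    flow = ("tcp", "192.168.1.5", 51000, "192.0.2.80", 443)
    print(nat.outbound(*flow))   # first packet picks a WAN link
    print(nat.outbound(*flow))   # later packets reuse the same mapping
    nat.link_down("198.51.100.10")
    print(nat.outbound(*flow))   # same LAN flow now leaves from another WAN IP
```

Once a link is removed, the same LAN flow is re-translated to a different WAN address, so the remote end sees a new source address. That tie between a flow and one WAN link's address is what the Elastic Static IP design discussed below avoids.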
For Broadband Bonding appliances, NAT becomes quite transparent, as the branch office can inherit the Elastic Static IP of the bonded tunnel at the proxy node (which might be at a high-9s data center, or at the HQ office). In this scenario, NAT works much as it does on a single-WAN network, as all of the multiple WAN links at the office are grouped under the Elastic Static IP. Needless to say, as with single-WAN static IPs, there might be a set of IPs assigned to the proxy node that can be used at the branch office. The advantage of this type of Elastic Static IP design is that the IP address is now disassociated from any of the WAN links and is therefore shielded from network problems on any individual WAN link. This truly creates elasticity for the static IP address, maximizing the availability of the IP address. This approach is recommended for businesses that depend on business-critical cloud applications, or on the services they provide from internal servers.
Mushroom Networks is the provider of SD-WAN (Software Defined WAN) and NFV solutions capable of Broadband Bonding that enables self-healing WAN networks that route around network problems such as latency, jitter and packet loss.