Firewall Wizards mailing list archives

NAT resources


From: "Appel, John" <AppelJ () 1st-annapolis com>
Date: Fri, 12 Jun 1998 16:22:17 -0400

Several folks have asked what I found or was pointed to in the way of
NAT (Network Address Translation) information resources, so here goes.
Any mistakes in the descriptions are purely mine:

Two RFCs are key - RFC 1918, "Address Allocation for Private Internets"
(Rekhter, Moskowitz, Karrenberg, de Groot & Lear, Feb. 1996) describes
building private internetworks using the non-Internet routable address
spaces.  RFC 1631 "The IP Network Address Translator" (Egevang &
Francis, May 1994) specifically addresses NAT.  Numerous sources for
those two documents.  RFC 1878, "Variable Length Subnet Table for IPv4"
(Pummill & Manning, December 1995) is also pretty handy when the brain
locks up calculating subnets.

Also, there is a working Internet Draft entitled "Architectural
Implications of NAT" dated March 1998 by Tony Hain of Microsoft.  I
found this at
http://www.cs-ipv6.lancs.ac.uk/ftp-archive/Standards/general-comms/internet-drafts/draft-iab-nat-implications-00.txt.
You may find a shorter URL!

Dr. Peter Welcher of Chesapeake Computer Consultants has a white paper
on NAT at http://www.ccci.com/product/papers/pete/papers/nat.htm.  This
also discusses some Cisco-specific issues (CCC is apparently a Cisco
reseller) along with a nice concise explanation of NAT and some
pros/cons.

I found a NAT presentation at
http://www.csn.tu-chemnitz.de/~mha/linux-ip-nat/diplom/nat.html.  This
looks pretty good and is fairly meaty, but you can't pull down the
complete document.

Cisco has a few documents itself; a document covering their
implementation of NAT in IOS, located at
http://www.cisco.com/warp/public/701/60.html and a FAQ about their NAT
v2.1 product at http://www.cisco.com/warp/public/458/41.html.  

3Com also has a pretty detailed document for configuring one of their
devices (one of the low-end 'Net access boxes, I think) to use NAT at
http://www.remoteaccess.3com.com/support/newcode/rnotes/nat.htm.  Intel
also had a nice document for their Express series routers at
http://support.intel.com/support/express/routers/8xxx/24206.htm.  These
are pretty much "how-tos".

Is it just me, or is Bay Networks' site search facility just about
useless?  They may have good stuff there but I couldn't find it.

Various firewall vendors discuss their implementation of NAT; check out
their pages for more detail, though there isn't much. 8-(  Information
here is largely of the marketing-brochure variety, pretty and attractive
but with no real information.

A search on Amazon.com offered up the 2nd edition of "TCP/IP Network
Administration" by Craig Hunt, O'Reilly & Associates, ASIN: 1565923227.
I have the first edition of this, which seems to pre-date NAT; I may
spring for the new edition.  Go to http://www.ora.com for more on this
book.  Nothing else sprang out of Amazon.com, but there may be other
commercial networking texts which cover this.

There's also an opinion piece by Erik Fair entitled "Private IP Address
Space is a Bad Idea", dated October 18, 1996.  It has a companion,
"Firewall Systems Considered Harmful".  These are at
http://www.clock.org/~fair/opinion/rfc1597.html and
http://www.clock.org/~fair/opinion/firewalls.html respectively.  These
are very short but interesting.  Erik is a member of the IETF.

That's my haul to date.  Hope this helps somebody else!

John

John Appel
Director, IT Operations
First Annapolis Consulting
appelj () 1st-annapolis com


