Determining Network Connectivity Strategies

Previous Topic Next Topic

Network Address Translation

Windows 2000 network address translation (NAT) allows computers on a small network, such as a small office/home office (SOHO), to share a single Internet connection. The computer on which NAT is installed can act as a network address translator, a simplified DHCP server, a DNS proxy, and a WINS proxy. NAT allows host computers to share one or more publicly registered IP addresses, helping to conserve public address space.

There are two types of connections to the Internet: routed and translated. When planning for a routed connection, you will need a range of IP addresses from your ISP to use on the internal portion of your network, and they will also give you the IP address of the DNS server you need to use. You can either statically configure the IP address configuration of each SOHO computer, or use a DHCP server.

The Windows 2000 router needs to be configured with a network adapter for the internal network (10 or 100BaseT Ethernet, for example). It also needs to be configured with an Internet connection such as an analog or ISDN modem, xDSL modem, cable modem, or a fractional T1 line.

The translated method, or NAT, gives you a more secure network because the addresses of your private network are completely hidden from the Internet. The connection shared computer, which uses NAT, does all of the translation of Internet addresses to your private network, and vice versa. However, be aware that the NAT computer does not have the ability to translate all payloads. This is because some applications use IP addresses in other fields besides the standard TCP/IP header fields.

The DHCP allocator functionality in NAT enables all DHCP clients in the SOHO network to automatically obtain an IP address, subnet mask, default gateway, and DNS server address from the NAT computer. If you have any non-DHCP computers on the network, then statically configure their IP address configuration.

To keep resource costs to a minimum with a SOHO network, only one Windows 2000 server is needed. Depending on whether you are running a translated or routed connection, this single server can suffice for NAT, APIPA, Routing and Remote Access, or DHCP.

For more information about NAT and its configuration, see the Windows 2000 Server online Help.

© 1985-2000 Microsoft Corporation. All rights reserved.