What is the difference between SNAT and DNAT?


Let us begin by understanding what SNAT is.

SNAT

SNAT stands for Source NAT. Source NAT is used when an internal user starts a connection with an external host. The layer 3 device on which NAT is configured translates the private IP address of the host to a public IP. It can also translate the source port in the TCP or UDP protocol headers.

When it creates an outbound connection, an ephemeral port is used to provide the destination with a port on which to communicate and to keep the traffic stream distinct. When these ephemeral ports are used for SNAT, they are known as SNAT ports. By definition, each IP address has 65,535 ports.

Secure network address translation (SNAT) is a feature that translates the source IP address within a connection to a BIG-IP system IP address that you define. The destination node then uses that new source address as its destination address when responding to the request.

DNAT

DNAT stands for Destination NAT and is used when an external host with a public IP starts a connection towards our internal/private network. The same layer 3 device then transforms the public IP address of that host to the private IP of the internal host/server.

Destination NAT is configured for the Demilitarized Zone (DMZ). In the DMZ, we generally place our servers with private IP addresses. Public users can then reach them with the help of Destination NAT (DNAT).

Destination NAT is performed on incoming packets, where the firewall translates a public destination address to a private address. DNAT is a 1-to-1, static translation with the option to perform port forwarding or port translation.

Differences

The differences between SNAT and DNAT are as follows −

| SNAT | DNAT |
|---|---|
| SNAT represents Source NAT. | DNAT represents Destination NAT. |
| It is used by a user who is within our private network and required to access the Internet. | It is used when someone from a public network is required to access a server within the DMZ. |
| SNAT transforms the source address of packets passing through the NAT device. | DNAT transforms the destination address of packets passing through the Router. |
| SNAT is implemented after the routing decision is made. | DNAT is implemented before the routing decision is made. |
| SNAT allows multiple hosts on the “internal” network to reach any host on the “external” network. | DNAT enables several hosts on the “external” network to reach any host on the “internal” network. |
| When some internal private IP addresses are translated to one public IP address, it is known as Static SNAT. | When some internal private IP addresses are translated to many public IP addresses, it is known as Dynamic SNAT. |
| A private IP address is transformed into a public IP. | A public IP is transformed into a private IP. |
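
The two translations compared above, as an added example that is not part of the original article: a toy NAT device that allocates SNAT ports for outbound flows, reverses them for replies, and applies a static DNAT port forward into the DMZ. The `Packet` and `NatDevice` names, the starting ephemeral port 49152 and all addresses used with it are assumptions for illustration; a real device tracks the full connection tuple rather than only the private address and port.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class NatDevice:
    """Toy NAT device. All addresses and ports used with it are constructed samples."""

    def __init__(self, public_ip, inside_net, forwards):
        self.public_ip = public_ip
        self.inside = ip_network(inside_net)
        self.forwards = forwards      # DNAT rules: public port -> (private ip, private port)
        self.snat_ports = {}          # SNAT port -> (private ip, private port)
        self.flows = {}               # (private ip, private port) -> SNAT port
        self.next_port = 49152        # assumed first ephemeral port used as a SNAT port

    def outbound(self, pkt):
        """Inside -> outside: the source is rewritten after routing (SNAT)."""
        if ip_address(pkt.src) not in self.inside:
            raise ValueError("outbound packet must come from the inside network")
        key = (pkt.src, pkt.sport)
        for pub_port, target in self.forwards.items():
            if target == key:         # reply from a DNAT'ed server: undo the DNAT
                return replace(pkt, src=self.public_ip, sport=pub_port)
        if key not in self.flows:     # new flow: allocate one SNAT port
            if self.next_port > 65535:
                raise RuntimeError("SNAT port exhaustion")
            self.flows[key] = self.next_port
            self.snat_ports[self.next_port] = key
            self.next_port += 1
        return replace(pkt, src=self.public_ip, sport=self.flows[key])

    def inbound(self, pkt):
        """Outside -> inside: the destination is rewritten before routing (DNAT)."""
        if pkt.dst != self.public_ip:
            return None
        if pkt.dport in self.snat_ports:      # reply to a SNAT'ed flow
            ip, port = self.snat_ports[pkt.dport]
        elif pkt.dport in self.forwards:      # static port forward into the DMZ
            ip, port = self.forwards[pkt.dport]
        else:
            return None                       # no mapping: nothing to deliver to
        return replace(pkt, dst=ip, dport=port)
```

Packets arriving at the public address with no SNAT port or forward rule behind them return `None`, which is why unsolicited inbound traffic never reaches an internal host unless a DNAT rule exists for it.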

Updated on: 17-Nov-2021
