Does NAT Map to the MAC Address, or to the Local IP?


Solution 1

To answer the question asked:

NAT is a layer 3 networking effect - it happens when packets are routed, whereas MAC addresses are a layer 2 network aspect - they are only meaningful on the local network. So to answer your question, you cannot NAT to a MAC address - the notion of NAT cannot work across layers.

To answer the actual question (how can I use DHCP and ensure NAT still works):

You just need to reserve your IP address in DHCP so that it doesn't change over time. This is bound to the MAC address of your machine and tells the DHCP server that if a request for an IP address comes from a specific MAC address, it should be assigned a specific IP address.

Solution 2

DHCP server on the router will, over time, change the assigned local IP.

No, this is just the default behaviour. You can assign a specific IP to a computer with a MAC reservation.

How you do that varies per DHCP server:

Many SoHo devices have a web interface to do this. This interface varies.

On Windows you can open the DHCP Server management console and set reservations.

On Linux installations it depends on the software used, but most of the time you can edit /etc/dhcpd.conf and add something like this:

 host name_of_your_PC
 {
     hardware ethernet 00:11:22:33:44:55;
     fixed-address 1.2.3.4;
 }

Based on this information my practice has been to use a static IP for any services behind the router that are to be accessed from outside.

Static IP addresses for servers are a good thing.
(As are static IP addresses for network printers, scanner and similar devices).

However you can set those in two ways:
1. Hard. Configure static IP on the device.
2. Using DHCP and setting reservations.

The last is cleaner since you only have one place to manage the configurations. The only disadvantage is when (if) your DHCP server ever goes down. Both are valid options though.

However apparently the router sometimes "identifies" a device by its MAC, and other times by its local IP.

It helps if you have some background of DHCP. Briefly it works like this:

  • A new device brings up its NIC and broadcasts "Hi, I am AA:BB:CC:DD:EE:FF. I would like to get the information needed to work on this network". (DHCP req)
  • A DHCP server notices the broadcast and replies:
    "AA:BB:CC:DD:EE:FF, you can use this IP. It is valid for this period.". It might also offer the settings for DNS, for the default gateway and a hostname. The last are optional. (DHCP ack)

The server can also deny the DHCP request.

Say that the new device got IP 1.2.3.4 and was told it was allowed to use that for 4 hours. After half that time (2 hours) it will ask for a renewal. "Hi DHCP server. I already got this IP from you. I want to keep using it a bit longer. Is it fine for another 4 hours?".

(Think of renting a book at the library and phoning in to renew the lease).

Usually this goes on forever and the device will keep using the same IP forever. Your NAT will keep pointing to the right place and everything will be fine.

Now if you turn off your computer for a day then it can no longer renew it. It will have to ask for a completely new lease. Let's sketch that:

PC1 gets IP 1.2.3.4 for 4 hours.  
PC1 gets powered off for the weekend.  
PC2 boots and gets IP 1.2.3.4.  
PC1 boots and asks for an IP.  
    It will get an IP, but not the same one as before.

This is operating as designed. (Otherwise old devices would just slowly fill up the table of used IPs.)

My own logic tells me the router should "route" or NAT the specific port request from the outside to the MAC address where I have the service, and not to the IP.

No. NAT works on the IP layer. NAT is not aware of MAC addresses.

If the DHCP server restarts, or, for example, the client device goes offline, then comes back on, will the DHCP server try to maintain the previous local IP assigned to the device, or will it just pick the next available IP?

This depends on the DHCP server. Some will just hand out the first free IP in their list. Some will remember which IP was previously used and - if it is still free - give the same IP to the same device. There is no generic one-size-fits-all answer here.
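
The weekend timeline sketched in Solution 2, replayed as an added example that is not part of the original answers: a toy DHCP server that hands out the first free IP shows the port forward to 1.2.3.4 ending up at PC2, while a reservation kept outside the dynamic pool keeps it on PC1. The class, the function names and the MAC addresses are constructed for illustration; a server that remembers previous clients would behave differently.

```python
# Added example: toy DHCP server model (constructed), not real router firmware.
LEASE = 4 * 3600  # lease length used in the answer: 4 hours

class DhcpServer:
    def __init__(self, pool, reservations=None):
        self.pool = list(pool)                  # dynamic range, handed out first-free
        self.reservations = reservations or {}  # MAC -> fixed IP (like fixed-address)
        self.leases = {}                        # IP -> (MAC, expiry time in seconds)

    def _expire(self, now):
        self.leases = {ip: l for ip, l in self.leases.items() if l[1] > now}

    def request(self, mac, now):
        """Grant or renew a lease and return the IP the client may use."""
        self._expire(now)
        if mac in self.reservations:
            ip = self.reservations[mac]
        else:
            held = [ip for ip, (m, _) in self.leases.items() if m == mac]
            free = [ip for ip in self.pool if ip not in self.leases]
            if not held and not free:
                raise RuntimeError("pool exhausted")
            ip = held[0] if held else free[0]   # renewal keeps the IP, else first free
        self.leases[ip] = (mac, now + LEASE)
        return ip

    def owner(self, ip, now):
        """Return the MAC currently holding this IP, or None."""
        self._expire(now)
        return self.leases.get(ip, (None, 0))[0]

PC1, PC2 = "AA:BB:CC:DD:EE:01", "AA:BB:CC:DD:EE:02"  # constructed MAC addresses

def weekend_scenario(server):
    """Replay the timeline; return (port-forward target IP, MAC behind it afterwards)."""
    forward_target = server.request(PC1, now=0)   # NAT rule is pointed at PC1's IP
    server.request(PC1, now=LEASE // 2)           # renewal at half the lease time
    monday = 2 * 24 * 3600                        # PC1 was off, so its lease lapsed
    server.request(PC2, now=monday)               # PC2 boots first
    server.request(PC1, now=monday + 60)          # PC1 boots afterwards
    return forward_target, server.owner(forward_target, monday + 120)

if __name__ == "__main__":
    print("dynamic :", weekend_scenario(DhcpServer(["1.2.3.4", "1.2.3.5"])))
    print("reserved:", weekend_scenario(DhcpServer(["1.2.3.5", "1.2.3.6"], {PC1: "1.2.3.4"})))
```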


Author: Todd Callison

Updated on September 18, 2022

Comments

  • Todd Callison over 1 year

    I would like to set up NAT to put a service on internet using my Technicolor TG 582 router. I mention the specific router model just to have a reference, but the question goes in general as I may need to use this programming with different routers.

    I would like to have the DHCP server assign addresses to the services, but at the same time, use NAT to point to the services.

    I have been told by colleagues that if you let DHCP assign the IP to the device, the specific NAT rule will eventually fail, as the DHCP server on the router will, over time, change the assigned local IP, invalidating the NAT port link--which is to the local IP, not to the MAC (physical) address of the device.

    Based on this information my practice has been to use a static IP for any services behind the router that are to be accessed from outside. However apparently the router sometimes "identifies" a device by its MAC, and other times by its local IP. My own logic tells me the router should "route" or NAT the specific port request from the outside to the MAC address where I have the service, and not to the IP.

    So which is it? The second part of the question would be, if the DHCP server restarts, or, for example, the client device goes offline, then comes back on, will the DHCP server try to maintain the previous local IP assigned to the device, or will it just pick the next available IP?