Friday, November 22, 2013

What is NAT NVI, and how does it differ from “normal” NAT?


NAT stands for Network Address Translation, and NVI stands for “NAT Virtual Interface”.
NAT in all its flavors is designed to convert IP addresses to other IP addresses (AKA IP-to-IP translation), e.g. to convert private IP addresses to public IP addresses that are understood on the Internet. As you might guess, it can also convert private IP addresses to other private addresses.
NAT NVI is an updated version of the “normal” NAT. Normal NAT requires you to specify “inside” and “outside” interfaces in the NAT configuration. Notice the example:
Router(config)# interface fa0/0
Router(config-if)# ip nat inside
Router(config-if)# interface fa0/1
Router(config-if)# ip nat inside
Router(config-if)# interface fa1/0
Router(config-if)# ip nat outside
Router(config-if)# exit
Router(config)# ip nat inside source static X.X.X.X Y.Y.Y.Y
(Note that “inside” is specified in the last command.)

“Normal” NAT can only translate between an “inside” and an “outside” interface, and will not do any translation between two interfaces that are both configured as “inside” or both configured as “outside”. This is the limitation. Look at the illustration:



This is exactly what NAT NVI solves, starting from IOS version 12.3(14)T. In its configuration we only enable NAT on the interfaces, without specifying any “inside” or “outside” interfaces, as in the example below:

Router(config)# interface fa0/0
Router(config-if)# ip nat enable
Router(config-if)# interface fa0/1
Router(config-if)# ip nat enable
Router(config-if)# interface fa1/0
Router(config-if)# ip nat enable
Router(config-if)# exit
Router(config)# ip nat source static X.X.X.X Y.Y.Y.Y
(Note that “inside” is not specified in the last command.)
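
The difference between the two configurations above can be checked mechanically. The following is an added example, not part of the original post: a small Python model that reads the per-interface NAT role from IOS-style configuration text and lists which interface pairs fall outside translation under the rule described here. The sample configurations and function names are constructed for illustration, and the model looks only at interface roles, not at ACLs or the translation rules themselves.

```python
import re
from itertools import permutations

# Constructed sample configs mirroring the two snippets in this post.
LEGACY_CFG = """\
interface FastEthernet0/0
 ip nat inside
interface FastEthernet0/1
 ip nat inside
interface FastEthernet1/0
 ip nat outside
"""
NVI_CFG = LEGACY_CFG.replace("ip nat inside", "ip nat enable") \
                    .replace("ip nat outside", "ip nat enable")

def nat_roles(config):
    """Map interface name -> 'inside' | 'outside' | 'enable'."""
    roles, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface\s+(\S+)", line)
        if m:
            current = m.group(1)
            continue
        m = re.match(r"\s+ip nat (inside|outside|enable)\s*$", line)
        if m and current:
            roles[current] = m.group(1)
    return roles

def translatable_pairs(roles):
    """Ordered (ingress, egress) pairs between which translation can occur."""
    pairs = set()
    for a, b in permutations(roles, 2):
        ra, rb = roles[a], roles[b]
        if ra == rb == "enable":                  # NVI: any two enabled interfaces
            pairs.add((a, b))
        elif {ra, rb} == {"inside", "outside"}:   # normal NAT: must cross domains
            pairs.add((a, b))
    return pairs

def untranslated_pairs(roles):
    """Pairs of NAT-configured interfaces that will NOT be translated."""
    return set(permutations(roles, 2)) - translatable_pairs(roles)

if __name__ == "__main__":
    for name, cfg in (("normal NAT", LEGACY_CFG), ("NAT NVI", NVI_CFG)):
        print(name, "untranslated:", sorted(untranslated_pairs(nat_roles(cfg))))
```

With the normal NAT sample, the two “inside” interfaces show up as the untranslated pair in both directions; with the NVI sample the list is empty.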


