With Network Address Translation, a private network segment is established on the virtual LAN and mappings are established that take addresses on the real network and translate them to the private addresses as shown in Figure C-6. Virtual Network VLAN 1 172.168.1. 255.255.255.0 Physical Network 10.1.1.x 255.255.255.0 1 2 3 i5/OS Linux1 Linux1 .1 .2 .3 .3 .101 .154 NAT Figure C-6 Virtual network example - Network Address Translation The addresses on the physical network are allocated as TCP/IP interfaces against the i5/OS adapter. When traffic is seen on one of the addresses, it is routed to the i5/OS partition. At that point, the network stack in i5/OS goes into the packet and changes the IP address in the header to the IP address of the partition on the virtual LAN and then broadcasts the traffic on the virtual LAN. Similarly, as traffic is routed out of the virtual LAN, the network stack in i5/OS will again go into the packet and change the IP address in the packet header to the external address of the partition. For partitions that will see heavy network traffic, the use of NAT can cause performance degradation since the partition relies on i5/OS to translate the address in each packet. The use of Proxy ARP over NAT has been shown to provide better network