Networking - NAT (Network Address Translation)

What is NAT?

NAT (Network Address Translation) is a technique that allows multiple devices on a private network (LAN) to share a single public IP address when accessing the internet.

It modifies the IP address information in packets as they pass through a router or firewall.


Why NAT is Needed

  1. IPv4 address shortage → Private networks use private IPs (e.g., 192.168.x.x, 10.x.x.x) that are not routable on the internet. NAT translates them into a public IP.

  2. Security → Internal IPs remain hidden from the outside world; outside hosts see only the router's public IP.

  3. Flexibility → Multiple devices can connect to the internet using one public IP.


How NAT Works (Example)

  • Device A has IP 192.168.1.10

  • Device B has IP 192.168.1.20

  • Both send requests to the internet through a router with a public IP 203.0.113.5.

  • NAT translates each device’s private IP into the public IP and keeps a translation table to track connections.

  • Replies from the internet are mapped back to the correct private device.


Types of NAT

  1. Static NAT

    • One private IP ↔ One public IP (fixed mapping).

    • Example: Hosting a web server inside a LAN.

  2. Dynamic NAT

    • Private IPs mapped to a pool of public IPs (first-come, first-served).

  3. PAT (Port Address Translation) — also called NAT Overload

    • Most common type (used at home).

    • Many private IPs share one public IP, distinguished by port numbers.

    • Example:

      • 192.168.1.10:5001 → 203.0.113.5:30001

      • 192.168.1.20:5002 → 203.0.113.5:30002
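The translation table from "How NAT Works" and the PAT mappings above, as an added Python example (a constructed model, not code from any router). It shows that a reply is delivered only when a table entry exists, and that port forwarding is simply a static entry. Assumptions: the class and method names are hypothetical, public ports are handed out sequentially from 30001, and entries never expire (real devices also track the remote endpoint and time entries out).

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.5"  # router's public IP from the example above


@dataclass
class PatRouter:
    """Minimal PAT (NAT overload) translation table; hypothetical model."""
    public_ip: str = PUBLIC_IP
    next_port: int = 30001                        # assumed start of public port range
    out_map: dict = field(default_factory=dict)   # (priv_ip, priv_port, proto) -> public port
    in_map: dict = field(default_factory=dict)    # (public port, proto) -> (priv_ip, priv_port)

    def outbound(self, priv_ip, priv_port, proto="tcp"):
        """Rewrite the source of an outgoing packet, reusing an existing mapping."""
        key = (priv_ip, priv_port, proto)
        if key not in self.out_map:
            while (self.next_port, proto) in self.in_map:   # skip ports already taken
                self.next_port += 1
            if self.next_port > 65535:
                raise RuntimeError("public port pool exhausted")
            self.out_map[key] = self.next_port
            self.in_map[(self.next_port, proto)] = (priv_ip, priv_port)
            self.next_port += 1
        return self.public_ip, self.out_map[key]

    def inbound(self, dst_port, proto="tcp"):
        """Map a reply back to the private host; None means no entry, so drop."""
        return self.in_map.get((dst_port, proto))

    def port_forward(self, public_port, priv_ip, priv_port, proto="tcp"):
        """Static entry (port forwarding) for a service hosted inside the LAN."""
        if (public_port, proto) in self.in_map:
            raise ValueError("public port already in use")
        self.in_map[(public_port, proto)] = (priv_ip, priv_port)
        self.out_map[(priv_ip, priv_port, proto)] = public_port


def demo():
    r = PatRouter()
    a = r.outbound("192.168.1.10", 5001)        # Device A
    b = r.outbound("192.168.1.20", 5002)        # Device B
    reply_a = r.inbound(30001)                  # reply to A's connection
    unsolicited = r.inbound(40000)              # no mapping exists, packet is dropped
    r.port_forward(443, "192.168.1.10", 8443)   # constructed forwarding rule
    return a, b, reply_a, unsolicited, r.inbound(443)


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Every entry in the inbound map, whether created by an outgoing connection or by a forwarding rule, is a path from the internet to an internal host, so forwarding rules are worth reviewing like any other exposed service.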


Pros of NAT

  • Saves public IP addresses.

  • Adds a layer of privacy (internal IPs hidden).

  • Works seamlessly with DHCP.

Cons of NAT

  • Slight delay (the router needs to translate each packet).

  • Some applications (VoIP, online games, peer-to-peer) may not work smoothly without special configurations (like port forwarding).


In short: NAT is like a company’s receptionist.

  • Employees (private IPs) call outside clients.

  • The receptionist (NAT router) uses one company phone number (public IP) and keeps track of which employee is on which call (port numbers).

  • When someone calls back, the receptionist connects it to the right employee.