Network Address Translation (NAT)


What is network address translation (NAT)? Wikipedia says: “NAT is a method of remapping one IP address space into another by modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device.” Wikipedia goes on later to say: “In more advanced NAT implementations featuring IP masquerading, it has become a popular and essential tool in conserving global address space allocations in face of IPv4 address exhaustion by sharing one Internet-routable IP address of a NAT gateway for an entire private network.”

Each host (computing device or computer) needs a unique IP address to communicate on the Internet. This creates two challenges. First, with IPv4, we’ve run out of addresses. Second, we have a security risk. NAT was created primarily to address the shortage of IPv4 addresses; the security benefit is an added bonus.

FileZilla Wiki says: “Many hosts and routers on the internet use the IPv4 protocol. The number of hosts connected to the internet has reached IPV4’s design limit for the number of addresses (IPv6 is designed to relieve this). NAT routers allow multiple systems within a LAN to connect to the outside world with one external IP address”. NAT allows a single device to act as an Internet gateway for internal LAN clients by translating the clients’ internal network IP addresses into the IP address on the NAT-enabled gateway device. NAT keeps the port number intact (the same).

A private IP address is a non-Internet facing IP address on an internal network. Private IP addresses are provided by network devices, such as routers, using network address translation (NAT).

In the above diagram, each of the three computers has an internal IP address. They are all connected to a switch. The switch is used here because this network plans to expand to perhaps dozens of computers and the switch allows for lots of connections, whereas the router does not. The switch simply allows for many connections to the router. The router has an internal IP address and an external one.

  • Computer A’s IP address: 192.168.0.34
  • Computer A’s default gateway: 192.168.0.1
  • NAT Router’s internal IP address: 192.168.0.1
  • NAT Router’s external IP address: 1.2.3.4 (a public IP address)
  • The Internet connectivity is provided by your Internet Service Provider

NAT Router

The router in the diagram is a NAT Router, even though it is only labelled as a router.

IP Masquerading

Wikipedia says of NAT: “IP masquerading is a technique that hides an entire IP address space, usually consisting of private IP addresses, behind a single IP address in another, usually public address space. The address that has to be hidden is changed into a single (public) IP address as “new” source address of the outgoing IP packet so it appears as originating not from the hidden host but from the routing device itself. Because of the popularity of this technique to conserve IPv4 address space, the term NAT has become virtually synonymous with IP masquerading.”
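The translation described above can be modelled as a small table, shown here as an added example that is not part of the original page. It uses Computer A's address and the router's external address from the list above; the second LAN host, the remote addresses, and the rule of taking the next free port when two hosts pick the same source port are assumptions of this sketch.

```python
PUBLIC_IP = "1.2.3.4"  # NAT router's external address, from the list above


class MasqueradingNat:
    """Toy model of a masquerading NAT's translation table (ports only)."""

    def __init__(self, public_ip=PUBLIC_IP):
        self.public_ip = public_ip
        # public port -> (private IP, private port) for each outbound flow
        self.table = {}

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a LAN packet to the router's public address."""
        for port, owner in self.table.items():
            if owner == (src_ip, src_port):
                return (self.public_ip, port, dst_ip, dst_port)  # known flow
        port = src_port  # keep the client's port when nobody else holds it
        while port in self.table:  # assumption: on a clash, use the next free port
            port = port + 1 if port < 65535 else 1024
        self.table[port] = (src_ip, src_port)
        return (self.public_ip, port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Map a reply back to the LAN host; None means drop (unsolicited)."""
        owner = self.table.get(dst_port) if dst_ip == self.public_ip else None
        if owner is None:
            return None
        return (src_ip, src_port, owner[0], owner[1])


def demo():
    nat = MasqueradingNat()
    server = ("203.0.113.10", 443)  # constructed remote server address
    a = nat.outbound("192.168.0.34", 50000, *server)  # Computer A
    b = nat.outbound("192.168.0.35", 50000, *server)  # hypothetical second host
    reply = nat.inbound(*server, PUBLIC_IP, a[1])     # server answers Computer A
    probe = nat.inbound("198.51.100.7", 4444, PUBLIC_IP, 22)  # no table entry
    return a, b, reply, probe


if __name__ == "__main__":
    for label, result in zip(("A out", "B out", "reply", "probe"), demo()):
        print(f"{label}: {result}")
```

The remote server only ever sees 1.2.3.4 as the source, and the unsolicited inbound packet is dropped because no outbound flow created a table entry for it, which is the security side effect mentioned earlier.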

You can draw your own network diagrams with LibreOffice Draw.