In computer networking, network address translation (NAT) is a technique for translating IPv4 addresses between a private/local network and the global Internet. As far as the outside world is concerned, all devices in the local network share a single public IPv4 address. Every datagram leaving the local network carries that same source IP address; the NAT tells the individual connections apart by rewriting each one to a different source port number. The motivation behind NAT is simple:

  • Just one public IP address is needed from the ISP for all devices.
  • Addresses of hosts within the local network can be changed without notifying the outside world.
  • The ISP can be changed without changing the addresses of devices in the local network.
  • A security side effect: devices inside the local network are not directly addressable from outside, because an inbound datagram is only delivered if it matches an existing translation-table entry (or a configured port forward). This comes from the stateful mapping, not from any access-control policy, so it is not a substitute for a firewall.

NAT is performed by the router. What it must do is:

  • Modify outgoing datagrams, replacing the private source IP address and source port of every outgoing datagram with the public NAT IP address and a newly chosen port.
  • Remember, in a NAT translation table, every (private IP, private port) to (public IP, public port) translation pair.
  • Modify incoming datagrams, looking up the destination port in the translation table and replacing the public destination IP address and port with the stored private IP address and port; a datagram with no table entry is dropped.

Implementation

NAT is implemented via two main mechanisms. The first is address mapping, where a small pool of external IP addresses is used by computers on the network on a first-come, first-served or priority basis. This mapping may be statically assigned (1-to-1, so the same translation always occurs) or dynamically assigned (taken from the available pool as needed).

The other is overloading (also called port address translation, or PAT), where the same external IP address is used concurrently by several computers in the network, with the translated source port distinguishing their connections.

The NAT traversal problem refers to an outside client connecting directly to a server behind the NAT. This is not possible by default: the server has only a private IP address, and an inbound datagram that matches no translation-table entry is dropped. Two solutions:

  • Statically configure the NAT to forward incoming connection requests on a given public port to the server's private address and port.
  • The Universal Plug and Play (UPnP) protocol allows a NAT-ed host to learn the public IP address and to add/remove port mappings with a lease time. Note that UPnP requests are not authenticated, so any host on the local network (including a compromised one) can open inbound ports this way.
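The translation-table mechanics described under "NAT is performed by the router" and the static port forward from the traversal section, as an added example (not code from the original notes). It simulates a PAT-style NAT in Python with constructed sample addresses: RFC 1918 addresses inside, documentation-range addresses outside. The `Nat` and `Packet` names, the port range starting at 49152, and the full-cone behaviour (inbound lookup keyed on the translated port only) are assumptions of this example.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Constructed sample public address of the NAT router (RFC 5737 documentation range).
PUBLIC_IP = "203.0.113.5"


@dataclass(frozen=True)
class Packet:
    """The header fields a NAT rewrites; payload is irrelevant here."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


class Nat:
    """Port address translation: every inside host shares one public IP.

    Assumption: full-cone behaviour, i.e. inbound packets are matched on
    the translated port alone, not on the remote endpoint that the
    mapping was created for.
    """

    def __init__(self, public_ip: str, first_port: int = 49152, last_port: int = 65535):
        self.public_ip = public_ip
        self._next_port = first_port
        self._last_port = last_port
        # (proto, inside ip, inside port) -> translated public port
        self.out_table: Dict[Tuple[str, str, int], int] = {}
        # (proto, translated public port) -> (inside ip, inside port)
        self.in_table: Dict[Tuple[str, int], Tuple[str, int]] = {}

    def add_static_mapping(self, proto: str, public_port: int,
                           inside_ip: str, inside_port: int) -> None:
        """Static port forward: lets outside clients reach a server behind the NAT."""
        if (proto, public_port) in self.in_table:
            raise ValueError(f"{proto}/{public_port} already mapped")
        self.in_table[(proto, public_port)] = (inside_ip, inside_port)
        self.out_table[(proto, inside_ip, inside_port)] = public_port

    def _allocate_port(self, proto: str) -> int:
        # Skip ports taken by static mappings or earlier dynamic entries.
        while self._next_port <= self._last_port:
            port = self._next_port
            self._next_port += 1
            if (proto, port) not in self.in_table:
                return port
        raise RuntimeError("translation table exhausted")

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite source IP/port of a datagram leaving the local network."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        port = self.out_table.get(key)
        if port is None:
            # First datagram of this flow: create the table entry.
            port = self._allocate_port(pkt.proto)
            self.out_table[key] = port
            self.in_table[(pkt.proto, port)] = (pkt.src_ip, pkt.src_port)
        return Packet(self.public_ip, port, pkt.dst_ip, pkt.dst_port, pkt.proto)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Rewrite destination IP/port of a datagram arriving from outside.

        Returns None when no table entry exists; the router drops such
        datagrams, which is the "not addressable from outside" effect.
        """
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self.in_table.get((pkt.proto, pkt.dst_port))
        if entry is None:
            return None
        inside_ip, inside_port = entry
        return Packet(pkt.src_ip, pkt.src_port, inside_ip, inside_port, pkt.proto)


if __name__ == "__main__":
    nat = Nat(PUBLIC_IP)
    # Two inside hosts using the same local port reach the same web server.
    for host in ("10.0.0.2", "10.0.0.3"):
        print(host, "->", nat.outbound(Packet(host, 5000, "198.51.100.7", 80)))
    # Unsolicited inbound SYN to port 22: no entry, dropped.
    print("unsolicited:", nat.inbound(Packet("198.51.100.9", 4444, PUBLIC_IP, 22)))
    # Static forward makes an inside server reachable on public port 8080.
    nat.add_static_mapping("tcp", 8080, "10.0.0.10", 80)
    print("forwarded:", nat.inbound(Packet("198.51.100.9", 4444, PUBLIC_IP, 8080)))
```

Running the script shows two inside hosts that both use local port 5000 leaving with the same public IP but different translated ports, an unsolicited inbound packet being dropped, and the static mapping delivering a packet to the inside server.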