NAT: Network Address Translation

NAT consolidates multiple IP addresses to one public IP address

Various colored network cables plugged into a network patch bay

Richard Newstead / Photodisc / Getty Images

Network address translation enables public IP addresses by remapping support on private networks. NAT is a popular technology for internet connection-sharing on home computer networks, and it is also sometimes used in server load-balancing applications on corporate networks.

How NAT Saved the Internet

NAT was designed originally to conserve public internet address space. As the number of computers joining the internet exploded during the 1990s, internet providers quickly depleted the available IPv4 address supply, and shortages threatened to completely halt growth. NAT became the primary method for IPv4 address conservation.

So-called basic NAT performs one-to-one mapping between two sets of IP addresses, but in it's most common configuration, NAT functions in one-to-many mapping. NAT on home networks maps the private IP addresses of all devices to the single public IP address. This allows computers on a local network to share one outbound connection. 

How NAT Works

NAT works by inspecting the content of both incoming and outgoing IP messages. As needed, it modifies the source or destination address in the IP protocol header and the affected checksums to reflect the configured address mapping. NAT supports either fixed or dynamic mappings of one or more internal and external IP addresses.

NAT functionality is usually found on routers and other gateway devices at the network boundary. NAT can also be implemented entirely in software. Microsoft's Internet Connection Sharing, for example, added NAT support to the Windows operating system.

Additionally, a properly configured NAT limits the access of external computers to client devices behind the translation layer. Internet RFC 1631 contains the basic NAT specification.

Setting up NAT on a Home Network

Modern home routers enable NAT by default with no administrator intervention necessary.

Networks with game consoles sometimes require manual updating of the router's NAT settings to support proper connectivity with an online gaming service. Consoles like the Microsoft Xbox or Sony PlayStation classify their NAT configuration as one of the three types:

  • Open NAT indicates the console can interact normally with all other peers on the gaming service.
  • Strict NAT restricts the console to only interact with peers that also are Strict.
  • Moderate NAT restricts the console to only interact with peers that are Moderate or Open.

Home network administrators can enable Universal Plug and Play (UPnP) on their routers to ensure Open NAT support.

What Is a NAT Firewall?

NAT firewall is the term used to describe the ability of NAT to keep one or more devices behind its translation layer. While NAT was not designed to be a full-featured network firewall, it is part of a network's overall security approach.

What Is a NAT Router?

Home broadband routers were sometimes called NAT routers in the early- and mid-2000s when NAT first appeared in mainstream consumer products.

Limitations of NAT

NAT rarely is used on IPv6 networks because the huge available address space there makes address conservation unnecessary.