NAT - Network Address Translation

And How It Saved the Internet

Various colored network cables plugged into a network patch bay
Richard Newstead / Photodisc / Getty Images

Network address translation (NAT) enables public IP addresses remapping support on private networks. NAT is a popular technology for Internet connection sharing on home computer networks, and it is also sometimes used in server load balancing applications on corporate networks.

How NAT Works

So-called basic NAT performs one-to-one mapping between two sets of IP addresses, but in it's most common configuration, NAT functions in one-to-many mapping.

NAT on home networks maps the private IP addresses of all devices to the single public IP address. This allows computers on a local network to share one outbound connection. Additionally, a properly configured NAT limits the access of external computers to client devices behind the translation layer. Internet RFC 1631 contains the basic NAT specification.

NAT works by snooping (inspecting the content of both incoming and outgoing IP messages. As needed, it modifies the source or destination address in the IP protocol header (and the affected checksums) to reflect the configured address mapping. NAT supports either fixed or dynamic mappings of one or more internal and external IP addresses.

NAT functionality is usually found on routers and other gateway devices at the network boundary. NAT can also be implemented entirely in software. Microsoft's Internet Connection Sharing (ICS), for example, added NAT support to the Windows operating system.

Setting up NAT on a Home Network

Modern home routers enable NAT by default with no administrator intervention necessary.

Networks with game consoles sometimes require manual updating the router's NAT settings to support proper connectivity with an online gaming service. Consoles like the Microsoft Xbox or Sony PlayStation classify their NAT configuration as one of the three types:

  • an Open NAT indicates the console can interact normally with all other peers on the gaming service
  • Strict NAT restricts the console to only interact with peers that also are also Strict
  • a Moderate NAT restricts the console to only interact with peers that are Moderate or Open.

Home network administrators can enable Universal Plug and Play (UPnP) on their routers to ensure Open NAT support.

What is a NAT Firewall?

NAT firewall is the term used to describe the ability of NAT to keep one or more devices behind its translation layer. While NAT was not designed to be a full-featured network firewall, it is part of a network's overall security approach.

What is a NAT Router?

Home broadband routers were sometimes called NAT routers in the early- and mid-2000s when NAT first appeared in mainstream consumer products.

Why NAT Saved the Internet

NAT was designed originally to conserve public Internet address space. As the number of computers joining the Internet exploded during the 1990s, Internet providers quickly depleted the available IPv4 address supply and shortages threatened to completely halt growth. NAT became the primary method for IPv4 address conservation.

Limitations of NAT

NAT rarely gets used on IPv6 networks as the huge available address space there makes address conservation unnecessary.