Overview
Direct Answer
Network Address Translation is a networking technique that remaps IP address spaces by systematically modifying source and destination IP addresses in packet headers as they traverse network boundaries. This enables devices with private IP addresses to communicate with external networks by translating between internal and external address schemes.
How It Works
NAT operates at the network layer by maintaining translation tables that track outbound connections and their corresponding mapped addresses. When a device behind a NAT gateway initiates an outbound packet, the gateway replaces the device's private source address with a public address (often from a limited pool), and tracks the mapping so return traffic is correctly routed back. Inbound traffic destined to the public address is reverse-translated to the appropriate internal device.
Why It Matters
NAT solves IPv4 address scarcity by allowing thousands of devices to share a single public address, significantly reducing operational costs and easing address-exhaustion concerns. It also provides a de facto security boundary: internal devices are not directly reachable from external networks unless explicitly exposed through port forwarding, which reduces attack surface.
Common Applications
Enterprise environments use NAT in firewalls and routers to protect internal networks whilst enabling employee access to external services. Internet service providers employ large-scale NAT (Carrier-grade NAT) to serve multiple customers from limited public address pools. Small office and home networks rely on NAT in consumer broadband routers.
Key Considerations
NAT creates complexities for protocols and applications that embed IP addresses in payloads or require bidirectional session initiation, potentially breaking certain peer-to-peer applications and VoIP services. Performance overhead and translation table limits become constraints in high-throughput or highly connected environments.
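The translation table from "How It Works", the dropping of unsolicited inbound traffic from "Why It Matters" and the table limit from "Key Considerations", as an added Python example that is not part of the original page. The class name `Napt`, the three-port pool, the documentation-range addresses and the filtering rule (a reply is accepted only from a remote endpoint the internal host already contacted) are assumptions chosen for illustration; real gateways also expire idle entries, which is omitted here.

```python
from dataclasses import dataclass, field

@dataclass
class Napt:
    """Port-translating NAT model: one public IP and a bounded port pool (assumed values)."""
    public_ip: str = "203.0.113.10"              # constructed, documentation range
    ports: range = range(40000, 40003)           # tiny pool so exhaustion is visible
    out_map: dict = field(default_factory=dict)  # (proto, priv_ip, priv_port) -> public port
    in_map: dict = field(default_factory=dict)   # (proto, public port) -> (private endpoint, remotes)

    def outbound(self, proto, src, dst):
        """Rewrite the source of an outgoing packet. Returns (new_src, dst), or None if the table is full."""
        key = (proto, *src)
        port = self.out_map.get(key)
        if port is None:
            free = [p for p in self.ports if (proto, p) not in self.in_map]
            if not free:
                return None                      # port pool / translation table exhausted
            port = free[0]
            self.out_map[key] = port
            self.in_map[(proto, port)] = (src, set())
        self.in_map[(proto, port)][1].add(dst)   # remember which remote was contacted
        return (self.public_ip, port), dst

    def inbound(self, proto, src, dst):
        """Reverse-translate a packet sent to the public IP. Returns (src, private_dst), or None to drop."""
        entry = self.in_map.get((proto, dst[1])) if dst[0] == self.public_ip else None
        if entry is None or src not in entry[1]:
            return None                          # no mapping, or remote was never contacted
        return src, entry[0]

if __name__ == "__main__":
    nat = Napt()
    web = ("198.51.100.7", 443)                  # constructed remote server
    host_a = ("192.168.1.10", 51000)             # constructed internal hosts
    host_b = ("192.168.1.11", 51000)
    sent_a = nat.outbound("tcp", host_a, web)
    sent_b = nat.outbound("tcp", host_b, web)
    print("A leaves as", sent_a[0], "and B leaves as", sent_b[0])
    print("reply to B's mapping ->", nat.inbound("tcp", web, sent_b[0]))
    print("unsolicited probe    ->", nat.inbound("tcp", ("198.51.100.99", 4444), sent_a[0]))
```
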
More in Networking & Communications
VPN
Infrastructure: Virtual Private Network — a technology creating a secure, encrypted connection over a less secure network like the internet.
SSL/TLS
Protocols & Standards: Secure Sockets Layer/Transport Layer Security — cryptographic protocols providing secure communication over a computer network.
SD-WAN
Infrastructure: Software-Defined Wide Area Network — a virtualised network architecture that enables centralised management of geographically distributed networks.
Proxy Server
Infrastructure: An intermediary server that forwards requests between clients and other servers, providing security and caching.
Network Monitoring
Protocols & Standards: The practice of continuously observing a computer network for slow or failing components.
DHCP
Protocols & Standards: Dynamic Host Configuration Protocol — automatically assigns IP addresses and network configuration to devices.
Network Automation
Protocols & Standards: Using software to automatically configure, manage, test, deploy, and operate network devices and services.
Throughput
Protocols & Standards: The actual rate of successful data transfer across a network in a given time period.