Network Address Translation (NAT): What It Is and How It Works

This “patch” allows computer networks to use private IPs and connect to the Internet using a single public IP.


In its early days, the Internet wasn’t as big a network as the one we're familiar with today. As a result, there were “only” 32 bits for IP addresses, the equivalent of 4,294,967,296 unique addresses. However, as the number of computers connected to the Internet grew exponentially, IP addresses began to run out. That’s why Network Address Translation (NAT) was born.

The idea was simple: allow computer networks to use a set of unique addresses (private IPs) and connect to the Internet using a single IP address (public IP). Because of this “patch,” large companies would only use one IP address rather than one for each computer. Home networks would also use it to connect to the Internet.

How Does NAT Work?

NAT has several operation modes, which we'll break down below.

Static

In this case, a private IP address always translates into the same public IP address. This operation mode would allow a host within the network to be visible from the Internet.

Dynamic

The router is assigned multiple public IP addresses, so each private IP address uses one of these addresses. As such, each private IP address corresponds to at least one public IP address.

Whenever a host needs to connect to the Internet, the router assigns it a public IP address. This increases security by making it more difficult for an external host to access the network given that the public IP addresses change.

Overloading

NAT Overloading, or PAT (Port Address Translation), is the most common operation mode because of its use in home networks. Multiple private IP addresses can be mapped to one public IP address, which avoids having to subscribe to more than one public IP address. In addition to the economic savings, PAT also saves IPv4 addresses because even if the subnet has many computers, they all connect to the Internet through the same public IP address.

For this purpose, the router uses ports. In the TCP and UDP protocols, 65,536 ports are available for establishing connections. So, when a computer wants to connect, the router stores its private IP and source port and associates them with the public IP and a random port. When information arrives on this randomly chosen port, the router checks the routing table and resends it to the corresponding private IP and port.
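The port bookkeeping described above, as an added example that is not part of the original article: a toy translation table in Python showing two hosts that use the same source port sharing one public IP, replies being mapped back, and a packet with no matching entry being dropped. The class and function names, the 49152-65535 port pool, and the documentation-range addresses are assumptions chosen for illustration.

```python
import random

class PatRouter:
    """Toy PAT table: many private (ip, port) pairs share one public IP."""

    def __init__(self, public_ip, ports=range(49152, 65536), seed=None):
        self.public_ip = public_ip
        self.ports = list(ports)        # pool shared by every internal host
        self.out = {}                   # (proto, priv_ip, priv_port) -> public port
        self.back = {}                  # (proto, public port) -> (priv_ip, priv_port)
        self.rng = random.Random(seed)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the private network."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            free = [p for p in self.ports if (proto, p) not in self.back]
            if not free:
                raise RuntimeError("public port pool exhausted")
            port = self.rng.choice(free)
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return (proto, self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a reply; None means no mapping, so drop."""
        entry = self.back.get((proto, dst_port))
        if dst_ip != self.public_ip or entry is None:
            return None
        return (proto, src_ip, src_port, entry[0], entry[1])


def demo():
    # Constructed sample traffic using documentation address ranges.
    nat = PatRouter("203.0.113.5", seed=1)
    a = nat.outbound("tcp", "192.168.1.10", 50000, "198.51.100.7", 443)
    b = nat.outbound("tcp", "192.168.1.11", 50000, "198.51.100.7", 443)
    reply_a = nat.inbound("tcp", "198.51.100.7", 443, a[1], a[2])
    reply_b = nat.inbound("tcp", "198.51.100.7", 443, b[1], b[2])
    unused = next(p for p in nat.ports if ("tcp", p) not in nat.back)
    unsolicited = nat.inbound("tcp", "198.51.100.99", 4444, "203.0.113.5", unused)
    return a, b, reply_a, reply_b, unsolicited


if __name__ == "__main__":
    for row in demo():
        print(row)
```

Because every internal host draws from the same port pool, the number of simultaneous mappings per protocol is bounded by the pool size; the `RuntimeError` branch is that limit.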

Overlapping

When a network’s private IP address is a public IP address in use, the router replaces it with another to avoid address conflicts.

Advantages

There are several advantages to using NAT:

  • The first and most apparent is the vast savings in IPv4 addresses since administrators and companies can connect multiple computers on a network to the Internet using a single public IP address.
  • Network maintenance: During maintenance, you would only need to change the routing table to reroute all traffic to another machine.

Disadvantages

NAT is just a patch, not a solution to the real problem, so there are several drawbacks to using it:

  • TCP and UDP checksums: The router must recompute the checksum (values generated from transmitted data before and after transmission) of each packet it modifies, which requires more processing power.
  • Not all apps or protocols support NAT: Some place the source port inside the data section of a packet, where the router won’t modify it, so the app won’t work correctly.
  • This method of mapping an IP address isn’t commonly used in IPv6 because IPv6 aims to restore end-to-end network connectivity.

This article was written by José Luis Alcoba and originally published in Spanish.

Image | Christiaan Colen | Flickr
