Network Address Translation (NAT) Protocol
By Stephen Bucaro
NAT is a protocol that is used by a router to convert IP addresses on the internal private
network to its own public IP address for the Internet. If NAT were not used, each computer
on the internal private network would be visible to the Internet. Also, Internet IP addresses
are limited. NAT allows IP addresses to be assigned on the internal network regardless of whether
they have been allocated on the Internet.
Here are the steps taken by NAT:
1. A computer on the internal network makes a request, through the router, for a resource
located on the Internet.
2. The router records the computer's IP address as an entry in its NAT table.
3. The router changes the private IP address in the packet to the router's public IP address.
It records the new address in the NAT table entry.
4. The router sends the resource request to the destination address on the Internet.
5. The host at the Internet address returns the requested resource to the router's public IP address.
6. The router looks in its NAT table for the related private IP address and sends the
resource to the computer on the internal network.
Sometimes NAT is referred to as PAT, for Port Address Translation. This is because, as
stated earlier, Internet IP addresses are limited. Usually a router has only one public IP
address. So for each request for a resource located on the Internet, in its NAT table, it actually
records the internal computer's IP address and a unique port number for the router's public
The host at the Internet address returns the requested resource to the router's public
IP address/port number. The router then looks in its NAT table for the internal network
IP address related to that port number.
Actually, almost all IP addresses on the Internet are address/port combinations. Knowing
the destination IP address may get the packets to the correct destination host, but it needs
the port number to get to the correct destination service.
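The six steps and the port-based table described above, as an added example that is not part of the original article: a small Python model of a router's PAT table. The addresses, the size of the port pool, and tracking the inside computer's own source port are assumptions made for the illustration.

```python
from dataclasses import dataclass, field
from typing import Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)

@dataclass
class PatRouter:
    """Toy model of the NAT/PAT table described above (constructed example)."""
    public_ip: str
    first_port: int = 40000          # assumed start of the router's port pool
    last_port: int = 40003           # tiny pool so exhaustion is easy to see
    by_inside: dict = field(default_factory=dict)  # inside endpoint -> public port
    by_port: dict = field(default_factory=dict)    # public port -> inside endpoint

    def outbound(self, src: Endpoint, dst: Endpoint) -> Tuple[Endpoint, Endpoint]:
        """Steps 1-4: record the sender, rewrite its source to public IP/port."""
        port = self.by_inside.get(src)
        if port is None:                 # first packet from this inside endpoint
            port = self._free_port()
            self.by_inside[src] = port
            self.by_port[port] = src
        return (self.public_ip, port), dst

    def inbound(self, src: Endpoint, dst: Endpoint) -> Optional[Tuple[Endpoint, Endpoint]]:
        """Steps 5-6: map the public port back to the inside host, else drop."""
        if dst[0] != self.public_ip or dst[1] not in self.by_port:
            return None  # no table entry: nothing inside asked for this
        return src, self.by_port[dst[1]]

    def _free_port(self) -> int:
        for port in range(self.first_port, self.last_port + 1):
            if port not in self.by_port:
                return port
        raise RuntimeError("PAT port pool exhausted")

def demo():
    router = PatRouter("203.0.113.5")            # constructed public address
    web = ("198.51.100.10", 443)                 # constructed Internet host
    a = router.outbound(("192.168.1.10", 51000), web)
    b = router.outbound(("192.168.1.11", 51000), web)  # same source port, other host
    reply_b = router.inbound(web, b[0])          # reply addressed to b's public port
    stray = router.inbound(web, ("203.0.113.5", 40003))  # unsolicited packet
    return a, b, reply_b, stray

if __name__ == "__main__":
    for item in demo():
        print(item)
```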