What is NAT?
NAT stands for Network Address Translation and is used in routers and other network-connected devices. The primary purpose of a NAT is to help preserve the limited amount of IPv4 public IP addresses. NAT enables multiple devices with private IP addresses to access the internet using a single public IP address.
How does NAT work?
NAT acts as a liaison between your internet-enabled devices (a private network) to successfully communicate with devices on the internet (public network). NAT enables this communication with the help of a router where a single unique IP address of the router is needed to represent all the devices to devices outside the network.
Types of NAT
There are three types of NAT:
In Static NAT, your internal device’s unregistered private IP address gets mapped with a registered public IP address, giving your internal internet-enabled device instant connectivity to the global internet.
In Dynamic NAT, the private IP addresses are mapped with public IP addresses from a group of public IP addresses known as the NAT pool. Dynamic NAT enables a one-to-one connection between a private IP address to a public IP address.
Port Address Translation (PAT)
Port Address Translation (PAT) is another type of dynamic NAT where several private IP addresses are mapped with a single public IP address. When a user from within the network attempts to communicate with a user on the internet, the router assigns the (TCP or UDP) ports with another port number.
Since you’re learning about NAT, you might want to consider reading about Port Forwarding.
NAT Inside and Outside Addresses
NAT inside refers to the addresses which have to be translated and in your control. NAT outside refers to the addresses where the addresses’ translation has to be done and are not in your control.
NAT inside is further divided between designations referring to an inside local address and an inside global address. NAT outside is also divided into an outside local address and outside global address designations. Here’s more on that:
Inside local address – This is an IP address assigned to devices on the inside (local) network. This IP address doesn’t necessarily have to be assigned by your service provider, meaning these are private IP addresses.
Inside global address – This is an IP address that visually characterizes one or more devices on the inside local IP addresses to the outside internet network.
Outside local address – This is the real IP address of the device at another network. These are private IP addresses assigned to the devices in another private network.
Outside global address – This is the public IP address assigned to the end device on the other network to communicate with other devices on the internet.
Pros and Cons of NAT
Here are the advantages and disadvantages of NAT:
|NAT helps prevent the depletion of legally registered IPv4 IP addresses.||NAT might cause delays in IPv4 communication.|
|NAT provides added privacy as the device IP address that sends and receives the traffic is hidden.||When NAT is enabled, certain applications might not function properly.|
|NAT removes the duplication of renumbering when a different network is involved.||NAT is known to complicate tunneling protocols such as IPsec.|
Difference between NAT and PAT
Here are the main differences between NAT and PAT:
|Basic Difference||Converts the private local IP address to the public global IP address.||Converts the private IP addresses of an internal network to the public IP address via Port numbers.|
|Relationship||An umbrella of PAT.||A variant of NAT (a form of a Dynamic NAT).|
|Uses||IPv4 Address||IPv4 addresses along with the port number.|
|Types||Static NAT, Dynamic NAT||Static PAT, Overloaded PAT|
What is NAT Filtering?
NAT filtering improves the security of your internet network, keeping you far away from cyber threats. NAT Filtering combats eavesdroppers, hackers, and the like from inserting your network and devices with malware data packets.
NAT filtering works by scrutinizing each data packet before it sends the data any further. With NAT filtering in place, any unrequested incoming traffic is discarded from entering into your private internet network. NAT filtering rightly sends out data packets to their intended device.
NAT and NAT filtering are router-based and are constantly filtering out unwanted data packets. If NAT detects an unidentified source or a hacking attempt via a malicious code, the NAT firewall takes over.