NAT is a technique that maps many private IP addresses to one (or a few) public IP address(es), conserving scarce IPv4 space and providing a rudimentary layer of address hiding.
Why NAT Matters
- IPv4 Conservation: One public address can serve hundreds or thousands of private hosts.
- Simple Address Privacy: Internal IPs aren’t exposed to the Internet, mitigating some scanning/recon attacks.
- Flexible Renumbering: You can change your ISP (and public IP) without renumbering every host.
How NAT Works
- A host (e.g. 192.168.0.10:15401) sends a packet to an Internet server.
- The NAT router:
  - Replaces the source IP (and often port) with its public IP (and a unique port).
  - Stores the mapping in its NAT translation table.
- The Internet server replies to the router’s public IP/port.
- The router looks up the original private mapping and forwards the reply back to 192.168.0.10:15401.
Translation Table Example
| Private Address:Port | Public Address:Port |
|---|---|
| 192.168.0.10:15401 | 212.3.4.5:49215 |
| 192.168.0.11:15402 | 212.3.4.5:49216 |
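
The steps and table above can be modelled in a few lines of Python. This is an added example, not code from the original page: the `PatRouter` class, the starting port 49215 and the server address 198.51.100.7 are assumptions chosen to reproduce the table, and a real NAT also keys entries on protocol and expires them after a timeout.

```python
from dataclasses import dataclass, field

@dataclass
class PatRouter:
    """Hypothetical minimal PAT router: one public IP, one table."""
    public_ip: str
    next_port: int = 49215  # first public port handed out (assumed)
    out_map: dict = field(default_factory=dict)  # private (ip, port) -> public port
    in_map: dict = field(default_factory=dict)   # public port -> private (ip, port)

    def outbound(self, src, dst):
        """Rewrite the source of a packet leaving the private network."""
        port = self.out_map.get(src)
        if port is None:
            if self.next_port > 65535:
                raise RuntimeError("public port pool exhausted")
            port = self.next_port
            self.next_port += 1
            # Store both directions so replies can be matched later.
            self.out_map[src] = port
            self.in_map[port] = src
        return (self.public_ip, port), dst

    def inbound(self, src, dst):
        """Rewrite the destination of a reply; None means no entry, so drop."""
        ip, port = dst
        if ip != self.public_ip or port not in self.in_map:
            return None
        return src, self.in_map[port]

def demo():
    nat = PatRouter("212.3.4.5")
    server = ("198.51.100.7", 443)  # constructed documentation address
    a = nat.outbound(("192.168.0.10", 15401), server)
    b = nat.outbound(("192.168.0.11", 15402), server)
    reply = nat.inbound(server, a[0])                        # matches first entry
    unsolicited = nat.inbound(server, ("212.3.4.5", 50000))  # no entry exists
    return a, b, reply, unsolicited

if __name__ == "__main__":
    for item in demo():
        print(item)
```

The last call shows why inbound traffic without a table entry never reaches a private host: the router has nothing to translate it to.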
Types of NAT
| Type | Description |
|---|---|
| Static NAT | One‑to‑one mapping between a private and public IP—useful for hosting internal servers publicly. |
| Dynamic NAT | Pools of public IPs are assigned dynamically to internal hosts—limited by pool size. |
| PAT (NAT Overload) | Many‑to‑one mapping: all private hosts share a single public IP differentiated by port numbers. |