NAT (Network Address Translation)

The Network Address Translation (NAT) protocol exists to work around the limited number of IPv4 addresses. It allows a single device (the router) to hold a single, unique IP address that represents an entire group of computers.

The router will then modify the IP header in outgoing packets so that the source address matches your public address.


NAT works by modifying the L3 header of the packet, which contains:

  • Source IP address
  • Destination IP address


For example, when a packet crosses the router, the only thing that changes is the L3 header. That's NAT (Network Address Translation).

So multiple devices can have private IP addresses while your router has the public IP address.

Once we move to IPv6, we might not need NAT anymore.

Static NAT (one-to-one NAT)

Basic NAT: a one-to-one mapping from a private IP address to a public IP address.


One private IP is mapped to one public IP, and vice versa. For example, we can define that the IP 10.6.6.61 is mapped to 72.9.4.23. All requests from 10.6.6.61 are mapped to the public IP 72.9.4.23, and all requests to 72.9.4.23 are mapped to the private IP 10.6.6.61.

Note: here we only have 1 public IP = 1 private IP.

Dynamic NAT

In dynamic NAT, we define the list of IPs that the devices can use. For example:


We translate everything from 10.6.6.0/24 to either 72.9.4.22, 72.9.4.23 or 72.9.4.24. The device itself (A, B or C) will choose which public IP address it should be mapped to.

Note: here we still only have 1 public IP = 1 private IP, but the assignment is random.

NAT Overload

NAT overload allows many private IP addresses to map to one public IP address. The port number is used to distinguish the traffic flows. It uses the idea of PAT (Port Address Translation) to modify the IP address and port for both the source and destination.
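
A minimal model of the NAT overload table described above, as an added example that is not part of the original notes. It reuses the page's 10.6.6.x hosts and the 72.9.4.23 public address; the `PatTable` class, the 40000-40003 port pool and the 203.0.113.10 server are constructed assumptions.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "72.9.4.23"  # public address taken from the page's examples


@dataclass
class PatTable:
    """Simplified PAT table; real devices also track protocol and timeouts."""
    public_ip: str = PUBLIC_IP
    port_range: range = range(40000, 40004)      # tiny constructed pool
    out_map: dict = field(default_factory=dict)  # (priv_ip, priv_port) -> public port
    in_map: dict = field(default_factory=dict)   # public port -> (priv_ip, priv_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source ip:port of a packet leaving the private network."""
        key = (src_ip, src_port)
        if key not in self.out_map:
            free = next((p for p in self.port_range if p not in self.in_map), None)
            if free is None:
                raise RuntimeError("PAT port pool exhausted")
            self.out_map[key] = free
            self.in_map[free] = key
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination ip:port of a reply; None means drop."""
        if dst_ip != self.public_ip or dst_port not in self.in_map:
            return None  # no flow was opened from inside, nothing to map to
        priv_ip, priv_port = self.in_map[dst_port]
        return (src_ip, src_port, priv_ip, priv_port)


def demo():
    nat = PatTable()
    server = ("203.0.113.10", 443)  # constructed documentation address
    a = nat.outbound("10.6.6.61", 51000, *server)
    b = nat.outbound("10.6.6.62", 51000, *server)  # same private port, other host
    reply_b = nat.inbound(*server, b[0], b[1])     # reply to host B's flow
    unsolicited = nat.inbound(*server, PUBLIC_IP, 40003)  # port never allocated
    return a, b, reply_b, unsolicited


if __name__ == "__main__":
    for row in demo():
        print(row)
```

Two hosts using the same private source port get different public ports, which is what lets the router send each reply back to the right host; a packet arriving on a port with no table entry has nowhere to go and is dropped.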