Network Address Translation Primer

What is NAT? The quick answer is this: to replace one L3/L4 address with another. That’s it, that’s the purpose of NAT. But why would anyone want to do this? What are the benefits of NAT? How does it affect my network? These are all questions we will answer.

The IPv4 range was devised with a 32-bit structure, giving the ability to address 4.2 billion individual devices, or 4294967296 (2^32) to be precise. (If you want to know more about IPv4 and its history, IPv4 is described in IETF publication RFC 791.) It was deemed that this address range would be more than enough to meet the addressing requirements of the then internet, or as it was then known, “ARPAnet”.

Unfortunately, no one could predict the rise of the internet and its demand on the IPv4 address space. The internet can now account for many billions of hosts and millions of networks.

It was very apparent back in the 90’s that something had to be done to stem the depletion of the IPv4 range before it was too late, because with no addresses left to assign, routers and servers cannot be routed to or accessed.

The initial plan for conserving as much of the IPv4 range as possible was to carve three ranges of addresses out of the IPv4 block. These addresses would be reserved for use in private networks.

The one stipulation of these private addresses was that they would not be routable outside of the private networks. You or I could make use of these private addresses in our own self-contained networks, but these “islands” of isolated networks could never communicate off net to a public network. Initially this was fine, as internet access was still in its infancy back in the early days.

A typical network today will have access to the internet. The private network will be defined using a private range of addresses, for instance 192.168.1.0/24. When a host situated on the 192.168.1.0/24 network (call the host, for instance, 192.168.1.10) initiates traffic to a public server (a common, useful address to remember is 8.8.8.8, Google DNS), its traffic will pass through the router. If the router does not replace the private IP address with one which is publicly routable, the packet will never be routed across the internet.

It is the router, which straddles the private and public networks, that provides the translation service for your user traffic.