Why Use Network Address Translation?

During the early evolution of the Internet, several issues arose that could have stifled the goal and vision of a worldwide Internet. The Internet was quickly running out of IP addresses while hosts and devices were connecting to it at an exponential rate. Technologies like Gopher were quickly being replaced by websites that needed host names along with addresses, increasing pressure on the address shortage. More hosts on private networks (such as those in homes and businesses) required access to the Internet to reach the new websites, which increased address demand and also created a need for website host name resolution suitable for standard users.

Network Address Translation, or NAT, was developed to resolve the address shortage. NAT enables an entire private network to access the Internet through as little as one address while using a different address range on the private network. NAT technology works either by mapping every private LAN host web session to the public host address and the TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) port used to establish the initial session, or by mapping one private address to one public address. When a private network host starts communication by sending a request (in most cases a TCP synchronization packet) to a host on the Internet, the NAT device serves as the private network's gateway to the Internet and receives the request. NAT either maps the private address to a public address, or identifies the TCP or UDP port and private address of the requester and replaces the packet header source address with the public network address of the NAT device. The Internet host or website that receives the request originating from the private network host sees only the single public address assigned to the NAT device and not the actual private address of the host originating the request. The Internet host or website responds to the NAT device public address and port included in the packet header which is received from the NAT device. The NAT device then identifies the correct private host destination based upon the destination port specified within the packet header, replaces the public address in the packet with the private IP of the true destination host, and sends the packet to the originating host.

NAT Types

Static NAT

There is more than one type of NAT technology. [1] Static NAT maps a single private address to one in a public range. The IETF or Internet Engineering Task Force has identified three private ranges,,, and, that can be used only on private (not public) networks. This means that hosts with an address in one of the private ranges cannot communicate on the Internet (Internet routers will reject traffic originating from a private address). Static NAT is useful for situations in which a private network host needs public network access and only requires mapping so that the private network host can forward traffic using an address that is legal on the Internet. Because Static NAT provides a one-to-one mapping, Static NAT does not resolve the shortage.

Dynamic NAT

Dynamic NAT helps resolve the address shortage by mapping private addresses to public addresses from a reserved pool of public addresses. For example, on a private network that has 100 hosts requiring NAT for public network access, there may be only a short list of private network hosts that actually require Internet access at any one time. With a pool of 5 public Internet addresses, Dynamic NAT can support up to 5 Internet connections from the private network by mapping each private address to a public assignment from the pool. When an Internet session is closed, the public IP assigned is returned to the pool for use when another public network access request is received from a LAN host. Dynamic NAT is useful if an organization has more than one public address assigned by its Internet Service Provider or ISP. [1]
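The pool behaviour described above, as an added Python sketch that is not part of the original article: 100 private hosts compete for 5 public addresses, the sixth request is refused, and a closed session returns its address for reuse. The class name `DynamicNat` and all addresses are constructed for illustration.

```python
class DynamicNat:
    """Toy Dynamic NAT: one public address per active private host."""

    def __init__(self, pool):
        self.free = list(pool)   # public addresses not currently assigned
        self.active = {}         # private_ip -> public_ip

    def open_session(self, private_ip):
        """Return the public address for this host, or None if none is free."""
        if private_ip in self.active:        # host already holds a mapping
            return self.active[private_ip]
        if not self.free:                    # pool exhausted: no translation
            return None
        self.active[private_ip] = self.free.pop(0)
        return self.active[private_ip]

    def close_session(self, private_ip):
        """Drop the mapping and hand the public address back to the pool."""
        public_ip = self.active.pop(private_ip, None)
        if public_ip is not None:
            self.free.append(public_ip)
        return public_ip


def simulate():
    pool = [f"203.0.113.{i}" for i in range(1, 6)]    # 5 constructed public IPs
    hosts = [f"10.0.0.{i}" for i in range(1, 101)]    # 100 constructed hosts
    nat = DynamicNat(pool)
    # Every host asks for access at once; only the first five get a mapping.
    granted = [h for h in hosts if nat.open_session(h) is not None]
    # One session closes, so a previously refused host can now be mapped.
    released = nat.close_session("10.0.0.3")
    reused = nat.open_session("10.0.0.50")
    return granted, released, reused


if __name__ == "__main__":
    print(simulate())
```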

Port Address Translation (NAT Overloading)

Overloading or PAT (Port Address Translation) is a type of NAT that enables organizations and home-based Internet users to have only a single public Internet IP while allowing multiple, simultaneous Internet sessions to be established from the private network to the public Internet. As described earlier, this type of NAT maps private range addresses, along with the TCP or UDP port specified in the packet, to the single public Internet IP on the device performing NAT. Depending upon the PAT implementation, the NAT device may also map a different port to the external Internet interface of the NAT device for each Internet session from the private network. This means that both the port and IP in a packet received by the Internet destination host may be different from the IP and port sent by the originating private network host. [1]
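The translation steps described here and in the introduction, as an added Python sketch that is not part of the original article: a PAT table that rewrites outbound source address and port, then uses the destination port of a reply to find the private host. It assumes an implementation that assigns a new public port to every session and has no timeouts or port-range limits; `PatDevice`, the starting port 50000 and all addresses are constructed, and the private ranges are the standard RFC 1918 ones.

```python
import ipaddress

# RFC 1918 private ranges (standard values, not taken from the article).
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


class PatDevice:
    """Toy PAT gateway: one public IP, one public port per private session."""

    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip
        self.next_port = first_port          # hypothetical starting port
        self.out = {}    # (proto, private_ip, private_port) -> public_port
        self.back = {}   # (proto, public_port) -> (private_ip, private_port)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the private network."""
        if not any(ipaddress.ip_address(src_ip) in n for n in PRIVATE_NETS):
            raise ValueError("source is not a private address")
        key = (proto, src_ip, src_port)
        if key not in self.out:              # first packet of the session
            self.out[key] = self.next_port
            self.back[(proto, self.next_port)] = (src_ip, src_port)
            self.next_port += 1
        return (proto, self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a reply, or return None if unmapped."""
        entry = self.back.get((proto, dst_port))
        if dst_ip != self.public_ip or entry is None:
            return None                      # no session to deliver it to
        return (proto, src_ip, src_port, entry[0], entry[1])


def demo():
    nat = PatDevice("203.0.113.10")          # constructed documentation IP
    # Two private hosts use the same source port toward the same web server.
    a = nat.outbound("tcp", "192.168.1.20", 51515, "198.51.100.7", 80)
    b = nat.outbound("tcp", "192.168.1.21", 51515, "198.51.100.7", 80)
    # The server replies to what it saw: the public IP and translated port.
    reply = nat.inbound("tcp", "198.51.100.7", 80, "203.0.113.10", b[2])
    # A packet to a port with no table entry has no private destination.
    stray = nat.inbound("tcp", "198.51.100.7", 80, "203.0.113.10", 60000)
    return a, b, reply, stray
```

Because the remote server records only the public address and translated port, tying one of its log entries back to a private host requires the NAT device's own translation table or log for that moment.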

NAT Overlapping

NAT overlapping is a special NAT case which enables LAN hosts to use Internet or registered IP addresses on a private network while also accessing the Internet. Since two hosts cannot have the same IP on a network, private network hosts that use a public (registered) Internet IP cannot access the Internet unless the private network host IP is changed. NAT overlapping performs the IP address change automatically by using procedures such as overloading or Dynamic NAT, explained earlier.


IP version 4 supports a theoretical limit of 4,294,967,296 IP addresses. NAT has been used primarily to enable IP version 4 usage until IP version 6 could be introduced. IP version 6 supports many more IP addresses (340,282,366,920,938,463,463,374,607,431,768,211,456 which can be rounded to 340 trillion IP addresses), so it does not have the same IP shortfall, and hence the NAT dependency, of IP version 4. However, NAT has enabled the long delay in worldwide IP version 6 deployment. Just recently there has been movement toward IP version 6 deployment, with the U.S. Department of Defense (DoD) issuing mandates for DoD networks to migrate from IP version 4 to IP version 6. However, with the Internet and most private networks dependent upon IP version 4, a migration path from IP version 4 to IP version 6 on live networks is needed. NAT to the rescue once again with the NAT-PT or Network Address Translation-Protocol Translation technology. This special type of NAT enables IP version 4 and IP version 6 networks to co-exist by mapping IPv4 to IPv6 addresses and vice versa, along with translating other protocols that are components of the two protocol suites. [2] NAT-PT implementations may also translate application-specific protocols when required to ensure seamless communication across the IPv4 to IPv6 boundaries.


Internet and network technology in general is rapidly changing as the number of Internet hosts and networks continues to grow and expand. Mobile networking through cell phones, tablet computers and similar devices, along with the migration of standard household appliances to IP network support, continues to drive and shape the Internet. The need for IP version 6 is apparent; however, with technologies such as NAT providing seamless network access, IP version 4 will continue to be viable, enabling the slow migration to IP version 6.