What Is NAT (Network Address Translation) and How It Works?

Network Address Translation a.k.a. NAT is a process or technique used to change IP address and TCP port numbers by an intermediate device like firewall, router, modem, etc. There are different use cases for NAT but the most popular one is to use a single WAN IP address for multiple servers and clients which is located LAN.

Topology

NAT has the following topology in general. NAT will occur on the router where a request made from LAN will translate into WAN IP address of the router.

LAN IP Address

LAN IP addresses are Private IP addresses which are like below.

• 192.168.0.0 – 192.168.255.255
• 172.16.0.0 – 172.31.255.255
• 10.0.0.0 – 10.255.255.255

If we look your IP address with the ipconfig for Windows or ip address Linux command we will see that our IP address is inside the range of the given IP address. These LAN IP addresses cannot be used on the internet so we require a new type of IP address without changing LAN IP address.

> ipconfig

WAN IP Address

WAN IP  addresses are named as Public IP Addresses. They are used on the internet and numbered between following addresses except for LAN IP Address

• 0.0.0.1 – 255.255.255.255

We can check our WAN IP address in different ways but Google is the most practical ne if we have a browser what is my ip address

TCP and UDP Ports

TCP and UDP protocols are used to the transmission of the data between hosts or clients and servers. During a NAT TCP and UDP port numbers are generally changes. As every TCP or UDP packet has a source port and destination port. These port numbers will be changed during a NAT operation.

How NAT Works?

Now we will look at how NAT  works step by step. We will use the following topology and steps for description.

• First, a packet will be created by the client which resides in the LAN. The packet source and destination IP address and port numbers will be like below.

• When the packet arrives at the router the given source IP address and port number will be changed. The source IP address will be the WAN IP address of the router. The source port number will be set by the router randomly or according to the given configuration. We can see that changed values in red boxes. The new source IP address will be 176.43.223.203 and source port number will 3019.

• This package will be redirected to the server on the internet. After the server process request and create packets for the response the source and destination IP address will be like below.

• When this packet arrives at the router it will NAT’ted or translated into the LAN and destination IP address and port number will be changed like below. The destination IP address will be 192.168.142.100 and destination port number will be 2019.

NAT Types

As a popular mechanism NAT can be done in different ways for different cases.

• Static NAT
• Dynamic NAT
• Overloading

Static NAT

If we want to provide an IP address or port completely into a LAN client IP address and port permanently we need to use static NAT where the NAT configuration will be static and will not change. For example, we can serve a web page or server by NAT’ting its ports 80 or 443.

Dynamic NAT

Dynamic NAT is useful for the clients where they do not serve anything to the WAN and just use the internet. In Dynamic NAT the IP address and port will change in every request or sessions. There will be no static configuration.

Overloading

Overloading is used to redirect single WAN IP address port numbers into multiple IP address port numbers in statically. This is useful where there is only a single WAN IP address but we need to NAT multiple IP address and port of servers.

NAT Configuration Of iptables On Linux

iptables is a popular Network tool used to route, NAT, block network traffic. We can enable NAT for our LAN with the following iptables configuration. We specify the eth1 for the LAN interface.

$ sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE