What Is NAT (Network Address Translation) and How It Works?
Network Address Translation a.k.a. NAT is a process or technique used to change IP address and TCP port numbers by an intermediate device like firewall, router, modem etc. There are different use cases for NAT but the most popular one is to use a single WAN IP address for multiple servers and client which is located LAN.
NAT has the following topology in general. NAT will occur on the router where a request made from LAN will translate into WAN IP address of the router.
LAN IP Address
LAN IP addresses are Private IP addresses which are like below.
- 192.168.0.0 – 192.168.255.255
- 172.16.0.0 – 172.31.255.255
- 10.0.0.0 – 10.255.255.255
If we look your IP address with the
ipconfig for Windows or
ip address Linux command we will see that our IP address is inside the range of the given IP address. These LAN IP addresses cannot be used on the internet so we require a new type of IP address without changing LAN IP address.
WAN IP Address
WAN IP addresses are named as Public IP Addresses. They are used on the internet and numbered between following addresses except for LAN IP Address
- 0.0.0.1 – 255.255.255.255
We can check our WAN IP address in different ways but Google is the most practical ne if we have a browser
what is my ip address
TCP and UDP Ports
TCP and UDP protocols are used to transmission of the data between hosts or client and server. During a NAT TCP and UDP port numbers are generally changes. As every TCP or UDP packet have a source port and destination port. These port numbers will be changed during a NAT operation.
How NAT Works
Now we will look at how NAT works step by step. We will use the following topology and steps for description.
- First, a packet will be created by the client which resides in the LAN. The packet source and destination IP address and port numbers will be like below.
- When the packet arrives at the router the given source IP address and port number will be changed. The source IP address will be the WAN IP address of the router. The source port number will be set by the router randomly or according to the given configuration. We can see that changed values in red boxes. New source IP address will be
220.127.116.11and source port number will
- This package will be redirected to the server on the internet. After the server process request and create packets for the response the source and destination IP address will be like below.
- When this packet arrives at the router it will NAT’ted or translated into the LAN and destination IP address and port number will be changed like below. The destination IP address will be
192.168.142.100and destination port number will be
There are different types of NAT operation.
If we want to provide an IP address or port completely into a LAN client IP address and port permanently we need to use static NAT where the NAT configuration will be static and will not change. For example, we can serve a web page or server by NAT’ting its ports 80 or 443.
Dynamic NAT is useful for the clients where they do not serve anything to the WAN and just use the internet. In Dynamic NAT the IP address and port will change in every request or sessions. There will be no static configuration.
Overloading is used to redirect single WAN IP address port numbers into multiple IP address port numbers in statically. This is useful where there is only a single WAN IP address but we need to NAT multiple IP address and port of servers.
NAT Configuration Of iptables On Linux
iptables is a popular Network tool used to route, NAT, block network traffic. We can enable NAT for our LAN with the following iptables configuration. We specify the
eth1 for the LAN interface.
$ sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE