Network Address Translation (NAT) and PAT Explained
How NAT prevents IPv4 address exhaustion by mapping private internal IPs to public external IPs on network boundaries.
Overview
Network Address Translation (NAT) is a networking process used by routers and firewalls to modify network address information in the IP header of packets while they are in transit. It is primarily used to map private, non-routable IP addresses to one or more public IP addresses.
The Problem
The IPv4 protocol has a theoretical limit of roughly 4.3 billion unique addresses. With the explosion of internet-connected devices (smartphones, PCs, IoT devices), we effectively ran out of public IPv4 addresses years ago. If every device inside a corporate network or a home required a unique public IP to browse the web, the internet would have collapsed.
Solution and Configuration
NAT solves this by using Private IP ranges (like 192.168.x.x or 10.x.x.x) defined by RFC 1918 inside the local network. These private IPs are not routable on the public internet. When a packet leaves the network, the NAT router replaces the private Source IP with its own public WAN IP.
Cisco Dynamic NAT (PAT) Configuration:
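! ACL 1 selects the inside hosts to translate (192.168.1.0/24 is an example range)
access-list 1 permit 192.168.1.0 0.0.0.255
! LAN-facing interface
interface GigabitEthernet0/0
 ip nat inside
! WAN-facing interface
interface GigabitEthernet0/1
 ip nat outside
! Translate ACL 1 sources to the WAN interface address; "overload" enables PAT
ip nat inside source list 1 interface GigabitEthernet0/1 overload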
Technical Details
There are several types of NAT. Static NAT maps a single private IP to a single public IP (used for hosting web servers). The most common type is Port Address Translation (PAT), also known as NAT Overload. PAT allows hundreds of internal devices to share a single public IP. It accomplishes this by assigning each outbound connection a unique source port on the router's public IP. The router maintains a NAT translation table in memory that records which internal IP and port map to which public port, so that returning traffic is forwarded to the correct internal device.
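The translation table described above, as an added Python example that is not part of the original page or any router's code: two inside hosts using the same source port share one public IP, the reply is mapped back to the right host, and a packet with no table entry is dropped. The class name, sequential port allocation and per-destination matching of return traffic are assumptions, and all addresses are constructed sample values.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


class PatTable:
    """Toy PAT (NAT overload) table for one public IP; not a router implementation."""

    def __init__(self, public_ip, ports=range(1024, 65536)):
        self.public_ip = public_ip
        self.free = {"tcp": list(ports), "udp": list(ports)}
        self.out = {}    # (proto, in_ip, in_port, dst_ip, dst_port) -> public port
        self.back = {}   # (proto, public port, dst_ip, dst_port) -> (in_ip, in_port)

    def translate_out(self, proto, in_ip, in_port, dst_ip, dst_port):
        """Rewrite an outbound packet's source; returns (public_ip, public_port)."""
        if not any(ipaddress.ip_address(in_ip) in net for net in RFC1918):
            raise ValueError(f"{in_ip} is not an RFC 1918 inside address")
        flow = (proto, in_ip, in_port, dst_ip, dst_port)
        if flow not in self.out:
            if not self.free[proto]:
                raise RuntimeError("PAT port pool exhausted")
            port = self.free[proto].pop(0)   # assumption: sequential allocation
            self.out[flow] = port
            self.back[(proto, port, dst_ip, dst_port)] = (in_ip, in_port)
        return self.public_ip, self.out[flow]

    def translate_in(self, proto, public_port, src_ip, src_port):
        """Map a returning packet to its inside host, or None (dropped) if no entry."""
        return self.back.get((proto, public_port, src_ip, src_port))


def demo():
    nat = PatTable("203.0.113.5")            # constructed WAN address
    # Two inside hosts pick the same source port toward the same server.
    a = nat.translate_out("tcp", "192.168.1.10", 50000, "198.51.100.7", 443)
    b = nat.translate_out("tcp", "192.168.1.11", 50000, "198.51.100.7", 443)
    # The server's reply to the second flow, then a packet nobody asked for.
    reply = nat.translate_in("tcp", b[1], "198.51.100.7", 443)
    unsolicited = nat.translate_in("tcp", b[1], "192.0.2.99", 443)
    return a, b, reply, unsolicited


if __name__ == "__main__":
    print(demo())
```

Because every inside flow consumes one port on the public IP, the pool is finite; the `RuntimeError` path shows what happens when it runs out.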
Conclusion
NAT was originally intended as a temporary band-aid to delay IPv4 exhaustion until the adoption of IPv6 (which has a near-infinite address space). However, NAT has become a permanent fixture in network architecture, and it also serves as a basic layer of security by hiding internal network topologies from the outside world. That hiding is a side effect of address translation rather than an access control, so it does not replace firewall policy.