Different Types of NAT Explained: A Comprehensive Guide

NAT (Network Address Translation)

1. Basic Definition

NAT is a network technology that modifies the IP addresses (and, in some modes, the port numbers) in the headers of IP packets. It is mainly deployed on the gateway at an organization’s network egress, where it lets internal networks that use private IP addresses (defined in RFC 1918) communicate with the public Internet. By translating private addresses into publicly routable IP addresses, it eases the problem of IPv4 address exhaustion and also hides the internal network structure to a certain extent. The translation relies on a translation table that records the mapping between internal and external network sessions, and in most cases it is transparent to end hosts.

2. Core Types

NAT has various types to adapt to different network communication scenarios, with the following common ones:

| Type | Full Name | Core Description |
| --- | --- | --- |
| Static NAT | Static Network Address Translation | Establishes a fixed one-to-one mapping between private and public IP addresses. It is often used for internal servers that need to provide stable external services. |
| SNAT | Source Network Address Translation | Rewrites the source IP address and port of data packets. It is applied when internal hosts actively access the external network, converting the private source address into a public address. |
| DNAT | Destination Network Address Translation | Modifies the destination IP address and port of data packets. It is used for external devices to access internal network services, redirecting the public network access requests to the corresponding internal hosts. |
| NAPT/PAT | Network Address and Port Translation | Achieves many-to-one mapping by reusing port numbers. Multiple internal hosts share a single public IP address to access the Internet, which is widely used in families and small and medium-sized enterprises. |
| NAT64/NAT46 | IPv6-IPv4 Translation NAT | Realizes intercommunication between IPv6 and IPv4 networks. It converts addresses between the two protocol versions to adapt to the transition period where both IPv4 and IPv6 coexist. |
| CGNAT | Carrier-Grade Network Address Translation | Adopted by Internet service providers (ISPs), it uses the NAT444 architecture to enable multiple users to share public IP resources, further delaying the exhaustion of IPv4 addresses. |

3. Key Characteristics

  • Alleviates IPv4 Address Shortage: This is its core advantage. A large number of internal devices can share a small number of public IP addresses for Internet access, greatly reducing the demand for public IPv4 addresses.
  • Enhances Internal Network Security: External networks interact only with the public IP address of the NAT gateway and cannot directly reach internal hosts by their private IP addresses, so NAT forms a natural barrier against unauthorized external access. The exceptions are services deliberately mapped through static NAT or DNAT, which are reachable from outside by design.
  • Breaks the End-to-End Principle: NAT modifies packet header information, which makes it difficult for devices inside and outside the network to establish direct point-to-point connections. This may cause compatibility problems with some protocols such as FTP and SIP, and additional technologies like Application Layer Gateway (ALG) are often required to solve such issues.
  • Transparency to Internal Terminals: Internal hosts do not need to manually configure address translation rules. The NAT gateway automatically completes the conversion of data packets, and the communication process is almost the same as direct access to the public network.

4. Working Mechanism

The basic working process of NAT is based on the mapping relationship recorded in the translation table, and the specific steps are as follows:

  1. When an internal host sends a request to an external server, the data packet carries the private IP address as the source address.
  2. When the packet passes through the NAT gateway, the gateway checks the translation table, replaces the private source IP (and port if it is NAPT) with a pre-assigned public IP (and corresponding port), and records this mapping relationship in the translation table.
  3. When the external server sends a response packet, the destination address is the above public IP address.
  4. The NAT gateway receives the response packet, queries the translation table to find the corresponding internal private IP address, replaces the destination address in the packet header, and forwards the packet to the correct internal host.
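The four steps above, together with the DNAT case from the type table, as a small Python model. This is an added example, not code from the original article. The class name `NaptGateway`, the addresses (documentation ranges), the port pool starting at 40000 and the choice to key sessions on the full protocol/endpoint tuple are all assumptions; real gateways differ in how strictly they match replies.

```python
from dataclasses import dataclass, field

@dataclass
class NaptGateway:
    public_ip: str
    next_port: int = 40000                       # assumed start of the public port pool
    out_map: dict = field(default_factory=dict)  # (proto, private ep, remote ep) -> public port
    in_map: dict = field(default_factory=dict)   # (proto, public port, remote ep) -> private ep
    dnat: dict = field(default_factory=dict)     # (proto, public port) -> private ep (static rule)

    def outbound(self, proto, src, dst):
        """Steps 1-2: rewrite the private source and record the mapping."""
        key = (proto, src, dst)
        if key not in self.out_map:
            if self.next_port > 65535:
                raise RuntimeError("public port pool exhausted")
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[(proto, port, dst)] = src
        return (self.public_ip, self.out_map[key]), dst

    def inbound(self, proto, src, dst):
        """Steps 3-4: restore the private destination, or drop (None) if nothing matches."""
        if dst[0] != self.public_ip:
            return None
        private = self.in_map.get((proto, dst[1], src)) or self.dnat.get((proto, dst[1]))
        if private is None:
            return None  # unsolicited packet: no session entry and no DNAT rule
        return src, private

def demo():
    # Constructed sample traffic: two internal hosts use the same source port.
    gw = NaptGateway("203.0.113.10")
    gw.dnat[("tcp", 443)] = ("192.168.1.20", 8443)   # published internal web server
    server = ("198.51.100.7", 80)
    a = gw.outbound("tcp", ("192.168.1.5", 51000), server)
    b = gw.outbound("tcp", ("192.168.1.6", 51000), server)
    reply = gw.inbound("tcp", server, a[0])                    # matches host A's session
    stray = gw.inbound("tcp", ("198.51.100.99", 4444), a[0])   # different remote: dropped
    web = gw.inbound("tcp", ("198.51.100.99", 50123), ("203.0.113.10", 443))
    return a, b, reply, stray, web

if __name__ == "__main__":
    print(demo())
```

The `stray` and `web` results show the security-relevant split: a packet with no session entry is dropped, while anything aimed at a DNAT-mapped port reaches the internal host regardless of who sent it.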

5. Typical Application Scenarios

Network Reconstruction Buffer: When an enterprise replaces its public IP segment or adjusts the internal network structure, NAT can reduce the workload of modifying configurations for a large number of internal devices by maintaining address mapping rules.

Home Network Sharing: Household routers use NAPT technology to allow multiple devices such as computers, mobile phones, and smart TVs to share a single public IP provided by the operator to access the Internet.

Enterprise Network Deployment: Enterprises assign private IP addresses to internal office devices. Through SNAT, employees can access external network resources. At the same time, DNAT is configured to map internal web servers or mail servers to public IPs, enabling external users to access these services.

IPv4-IPv6 Transition: In the network environment where IPv4 and IPv6 coexist, NAT64 or NAT46 is used to convert addresses between the two protocols, ensuring that devices using different IP versions can communicate with each other.


