“Every expert was once confused by the basics”
Unknown
NAT, or Network Address Translation, is one of those networking topics that sounds complicated at first, but is actually everywhere.
Every device on a network uses an IP address to communicate. But in many networks, especially home and company networks, internal devices use private IP addresses that cannot be routed directly on the Internet.
That is where NAT comes in.
NAT allows a router or firewall to translate private IP addresses into public IP addresses, and sometimes also translate port numbers. This makes it possible for many internal devices, like laptops, phones, servers, and virtual machines, to access the Internet using one or more public IP addresses.
In this series, we will go through NAT step by step. We will look at the different NAT types, how packets change while passing through a router/firewall, and why NAT is so important in real networks.
The goal is simple: explain NAT in a practical, beginner-friendly way without focusing on one specific vendor.
General note
This NAT series is written for beginners and is meant to be approached from a theoretical point of view. The goal is to understand how NAT works, why it exists, and what happens to packets when they pass through a router or firewall.
To keep the series focused, I intentionally leave out related topics such as DNS lookups, DHCP, firewall rules, routing protocols, certificates, reverse proxies, and other surrounding technologies unless they are directly needed to explain a NAT concept.
In real networks, all of these topics often work together. But in this series, we keep the focus on NAT itself.
Diving (un)deep in NAT
This series explains NAT in a practical and beginner-friendly way. We start with the basics, then move into real-world NAT behavior, traversal problems, ISP setups, and advanced NAT concepts.
Diving (un)deep in NAT – PART 1
Chapter one – Introduction & NAT Types
In the first part, we start with the basics. What is NAT, why does it exist, and what actually happens to packets when they pass through a router or firewall? We also go over the most important NAT types, such as Basic NAT, NAPT/PAT, port forwarding, bi-directional NAT, Twice NAT, and Multihomed NAT.
- What NAT is
- Why private IPs need translation
- Basic NAT
- NAPT / PAT
- Port forwarding
- Bi-directional NAT / 1:1 NAT
- Twice NAT
- Multihomed NAT
Diving (un)deep in NAT – PART 2
Chapter two – NAT Behavior, Traversal & Real-World Limitations
In the second part, we go deeper into how NAT behaves in real networks. This chapter focuses on NAT traversal, mapping versus filtering, port preservation, two-way communication, CGNAT, hairpinning, and the common applications that can break or behave differently behind NAT.
- NAT Traversal
- Does NAT provide security?
- Methods of translation
- NAT mapping vs NAT filtering
- Types of NAT and NAT traversal
- Role of port preservation for TCP
- Establishing two-way communication
- Variant terms
- CGNAT / NAT444
- NAT Hairpinning
- Applications affected by NAT
- ISP Internet: DMZ vs Bridging
Diving (un)deep in NAT – PART 3
Chapter three – Advanced NAT Principles
In the third part, we look at the more advanced and less common NAT-related concepts. These are not always used in a normal home or company network, but they are useful to understand when studying the broader world of address translation.
- NAT64 / DNS64
- NPTv6
- RSIP as a historical / advanced concept