NAT and PAT
Updated Jan 16, 2018
Network Address Translation (NAT)
Network Address Translation (NAT) translates private IP addresses to a public IP address, allowing multiple devices on a local network to access the internet using a single public IP.
- Conserves public IP addresses.
- Hides internal network structure.
- Provides a basic level of security.
- Enables internal IP address management.
- Supports dynamic and static NAT configurations.
Types of NAT
- Static NAT
  - Maps a single private IP address to a single public IP address.
  - Used for servers that need to be accessible from the internet.
- Dynamic NAT
  - Maps a private IP address to a public IP from a pool of available IPs.
  - The IPs in the pool are assigned on a first-come, first-served basis.
  - Used for general internet access.
Port Address Translation (PAT)
Port Address Translation (PAT), a subset of NAT, maps multiple private IP addresses to a single public IP address using different ports, allowing multiple devices to share one public IP address simultaneously.
- Can be a hardware or software configuration.
- Normally enabled on the router, PAT hides the internal IPs.
- Enables multiple connections from different devices.
- Uses port numbers to differentiate traffic.
- Supports large-scale networks with limited public IPs.
- Often referred to as "NAT overload" or "NAT Gateway".
PAT resembles a forward proxy, but the two differ as follows:
| Feature / Aspect | PAT (Port Address Translation) | Forward Proxy |
|---|---|---|
| OSI Layer | Layer 4 (Transport) | Layer 7 (Application) |
| Caching | No | Yes, can cache retrieved content |
| User Authentication | No | Can require users to authenticate before fetching requests |
| Function | Translates multiple private IPs to a single public IP with ports | Acts on behalf of clients to fetch content from the internet |
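The PAT behaviour described above, as an added example that is not part of the original page: a minimal translation table showing how port numbers let several private hosts share one public IP, why an unsolicited inbound packet finds no mapping, and what happens when the port pool runs out. The class name, the addresses and the four-port pool are constructed for illustration, and the model assumes one mapping per private socket with no timeouts.

```python
# Added example: a simplified PAT ("NAT overload") translation table.
# All addresses and the tiny port pool are constructed sample values.

class PatTable:
    def __init__(self, public_ip, first_port=40000, last_port=40003):
        self.public_ip = public_ip
        self.free_ports = iter(range(first_port, last_port + 1))
        self.out = {}   # (proto, private_ip, private_port) -> public_port
        self.back = {}  # (proto, public_port) -> (private_ip, private_port)

    def outbound(self, proto, src_ip, src_port):
        """Translate the source of an outgoing packet to (public_ip, public_port)."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            port = next(self.free_ports, None)
            if port is None:
                # Failure mode on busy networks: every public port is in use.
                raise RuntimeError("PAT port pool exhausted")
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return self.public_ip, self.out[key]

    def inbound(self, proto, dst_port):
        """Return the private (ip, port) for a reply, or None when no mapping
        exists, which is how PAT ends up dropping unsolicited inbound traffic."""
        return self.back.get((proto, dst_port))


if __name__ == "__main__":
    pat = PatTable("203.0.113.10")
    # Two hosts use the same private source port; PAT tells them apart
    # by assigning each flow a different public port.
    print(pat.outbound("tcp", "192.168.1.10", 51000))
    print(pat.outbound("tcp", "192.168.1.11", 51000))
    print(pat.inbound("tcp", 40001))  # reply is routed to 192.168.1.11
    print(pat.inbound("tcp", 40003))  # no mapping yet, so the packet is dropped
```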