Network address and port address translation
Network address translation (NAT) is the process of mapping a private IP address to a public IPv4 address. There are a limited number of public IPv4 addresses (about four billion) but far more devices in the world. NAT helps overcome this limitation by mapping a pool of computers connected to a local area network to a single IPv4 address.
Port address translation is an extension of NAT and is the process of mapping a combination of private IP and port to a public IP and port.
For example, your home router is typically assigned a single public IP address from an ISP (e.g., 101.89.1.12). All the devices (phones, tablets, PCs, etc.) that connect to your home Wi-Fi network are assigned a private local IP address (usually in the range 192.168.0.0 – 192.168.255.255) but are accessible from the public network by a single IP address (e.g., `101.89.1.12`).
Whenever a process in a device within your Wi-Fi network wants to send some packets to a process on a device on a remote network, NAT changes the private source IP address and port on the packet (e.g., 192.168.1.1:9688) to a public IPv4 address and port (e.g., `101.89.1.1`2:8801).
Once it’s changed the packet’s source IP and port, it forwards it onto the network. When the process on the destination host receives the packet, it will see the source IP and port as the translated public IP and port (e,g., 101.89.1.12:8801). So, when it wants to send packets back to the original process, it will use this public IP and port as the destination IP and port in its own packets.
When these packets reach the source network router, NAT will translate the public IP and port (e.g., 101.89.1.12:8801) back into the local private IP and port (e.g., 101.89.101.12:9688) and direct the packet to the correct device (using the private IP) and then to the correct process within that device (using the port).
Private network IPv4 addresses fall into one of three categories:
| Name | RFC 1918 name | IP address range | Number of addresses |
|---|---|---|---|
| Class A | 24-bit block | 10.0.0.0 – 10.255.255.255 | 16,777,216 |
| Class B | 20-bit block | 172.16.0.0 – 172.31.255.255 | 1,048,576 |
| Class C | 16-bit block | 192.168.0.0 – 192.168.255.255 | 65,536 |