You may have heard of something called an IP address. If you haven’t already, start by reading our article explaining the concept, but for this NAT (Network Address Translation) article, you should know that IP addresses are restricted. You also cannot have two devices on a network with the same IP address†
The problem is that different networks, such as your home network and computers on the Internet as a whole, will inevitably have the same IP addresses or have incompatibilities in the way their network addresses are set. NAT solved both the problem of IP address scarcity and incompatible networks that need to talk to each other.
Most of the time it’s not something you need to worry about, but sometimes your internet problems are the result of a bug in NAT. So having a basic understanding of what NAT is and how it works can help solve the problem.
Where does NAT happen?
In the case of regular users like us, NAT is a task handled by your router. The router has a IP address assigned to it by your service provider† That’s the address that the rest of the internet sees. Each device on your home network is assigned a private IP address, which is what they will use to talk to each other.
When a device in your network wants to communicate with the outside world, the router takes its place. The router has a public IP address, which everyone sees. It keeps track of which private IP addresses have requested which traffic and ensures that the data packets are routed to the correct device.
Private vs Public IP Addresses
Before we get into the types of NAT you’ll encounter, it’s a good idea to quickly discuss private and public IP addresses.
By convention, certain ranges of IP addresses are reserved for specific purposes. Public IP addresses are reserved for Internet-facing devices, such as your router or web servers. Your ISP assigns a public IP address to your router and that is the address that all outsiders on the internet see. Usually a private Internet address is something like 192.168.0.X or 10.1.1.X, but this varies from router to router. While private addresses must be unique within a private network, they are almost certainly the same between private networks.
A public IP address, as mentioned above, is the one seen by everyone on the internet. When you visit a website, your browser is connected to the public IP address. Typically, home routers do not allow direct access through the public IP address not initiated by them. This means you can’t just type the public address of your friend’s router and access devices on their network.
However, some web services and devices, such as video game consoles, need a more lenient approach. This is where different NAT types come into play. Often problems arise because the NAT type of your connection is not suitable for the type of service you are trying to use. We’ll go into more detail about NAT types next.
While the basic idea of what NAT is isn’t overly complicated, in practice there’s a lot of nuance in how it really works. There are different types of NAT that are suitable for different translation needs.
The static style of NAT maps one specific private IP address to a specific public IP address. With static NAT, it is possible to directly access the device assigned to the public address.
This is the type of NAT used for web servers that are also part of a private network. When you access the server through this static card, you also cannot access the other devices on its private network. However, the server itself can talk to the devices on its private network without any problem.
Dynamic NAT is used when you have a pool of public IP addresses that you want to dynamically assign to the devices on your private network.
This is not used to access the web server from outside the network. Instead, when a device on the private network wants to access the Internet or another resource that is not on the private network, it is assigned one of the public IP addresses in the pool.
NAT Overload (PAT)
With elements of both static and dynamic NAT, the NAT overload style is the most common form and is what most home routers use. It is known as NAT with Port Address Translation (PAT) among other things.
In most cases, your router is assigned a single public IP address, but most of the devices on your network probably want Internet access. By using NAT overload, the router creates a connection between its public IP address and that of the server. It then forwards the packets to the server, but also assigns a return destination port.
This helps it know which packets go to which IP address on your private network. That’s the PAT part of the process, by the way.
Patented NAT types
To confuse things even more, some companies have decided to stick their own NAT ratings on things. This usually applies to game consoles and you will find that when you do a network test it will tell you that you are using something like NAT Type 2 or NAT Type D.
These ratings are specific to the console or device manufacturers and you should check their official documentation to find out what each rating actually means.
Common Solutions to NAT Problems
Usually NAT works perfectly for most people and with full transparency. However, sometimes it doesn’t work properly or gets in the way.
Again, game consoles are most likely to run into problems, as some of their services require your network to accept access requests to your public IP address from outside, as standard NAT configurations usually don’t allow this. The good news is that there are a few common solutions you can try to make NAT less restrictive and allow inbound connections.
First, go to your router (according to the manual) and make sure UPnP (universal plug-and-play) is enabled. This feature allows applications on your local network to automatically forward ports without having to fiddle with network settings. Keep in mind that malicious software on your network, such as malware, can also use UPnP. Make sure all your devices are scanned and wiped when using this feature.
You also have the option to manually do port forwarding so that devices that require a less strict connection can get it on a case-by-case basis.
It’s only natural
That’s all you need to know about what NAT is to get you started. The real nuts and bolts of how NAT works can get complicated quickly, but as long as you understand what NAT does at a high level and why it sometimes goes wrong, you’ll also understand why certain fixes may or may not work when you run them in network issues.