The network address translation (NAT) table is what allows devices on a private network to access a public network, such as the internet.
There is often only one entry point between the public network and the private network, and that entry point is usually a router. The router itself has a public-facing IP address, but the devices on the private network (“hidden” behind the router) only have private IP addresses.
When data packets move from the private network to the public network, those private IP addresses need to be “translated” into a public IP address that’s compatible with the public network. Same for data packets coming in from public network to private network.
How NAT Tables Work
The NAT table is exactly what it sounds like: a table of network address translations, where each row in the table is basically a mapping from one private address to one public address.
There are several types of devices that are NAT-enabled, but routers are the most common for home users so we’ll use them for our examples.
When the router receives a request from a device on the private network, the data packets are set aside so that certain alterations can be made. First and foremost, each data packet’s “Source IP” is changed from the private IP address (e.g. 192.168.0.100) to the router’s public IP address (e.g. 126.96.36.199). Other minor details are changed, too.
The router then creates an entry in its NAT table. To do this, it needs to know the destination address of the data packet. When an outside data packet comes from the public network to the private network, the router compares it with the NAT table to know to which private device it’s meant to go.
Each row in the NAT table is a pairing of private IP address with outside destination address and port. This pairing is called a connection. Each device on the private network can have multiple active connections.
Once the NAT entry is created, the router pushes the data packet to the public network, to its intended destination IP address. If a data packet comes in from the public network, its “Source IP” is changed to the target device’s private IP address, then pushed to the private network.
Lastly, to avoid ambiguities, modern NAT techniques incorporate port numbers in addition to IP addresses. This makes it possible to track app-to-app connections between private devices to public devices. Such techniques are called network address and port translation (NAPT), port address translation (PAT), among others.
Potential Issues With NAT Tables
Every entry in a NAT table requires a certain amount of memory to store connection details. In theory, if you have too many active connections, the NAT table could fill up. If that happens, current connections won’t be affected but new connections will be refused.
For internet traffic, a typical NAT table entry requires about 160 bytes. That’s negligible in the big picture. To put it into perspective: 100,000 NAT table entries of that size would only take up about 15 MB of RAM. Even the cheapest routers have enough for that.
In other words, NAT tables rarely fill up these days, and RAM is rarely the bottleneck for a poorly performing router. But there is a more common issue to know about.
Cheap Router, Slow Router
Routers, especially cheap ones, are often equipped with weak CPUs because they aren’t designed to handle heavy processing loads. It’s not like you’re calculating physics or processing 3D animation directly on your router, right?
But network address translation can be a processing-heavy task!
Every single packet that leaves the private network needs to be translated, and every single packet that comes in from the public network needs to be translated. Each individual translation may be simple enough, but with heavy internet use, it all adds up.
Here’s my network activity while browsing the web, with one 720p YouTube video open in a tab and a dozen other tabs for various websites, all in the Edge browser.
The top nine processes are using an average of 1,182,149 bytes per second. Every network interface has a maximum transmission unit (MTU), which is the largest size that a data packet can be. Ethernet and Wi-Fi have an MTU of 1,500 bytes.
My computer, doing nothing more than watching a YouTube video, is putting a minimum load on my router of 788 packets per second. That’s assuming the bytes are all divided into 1,500-byte packets, which isn’t the case in real world usage. Somewhere between 1,000 to 3,000 packets per second is more realistic.
The load is worse during bandwidth-intensive activities, such as multiplayer gaming and torrenting. In fact, torrenting is so intensive that it’s the primary cause of NAT issues for home users today. (Open connections to dozens/hundreds of peers, with each connection involving high-speed downloads and uploads.)
And it’s not just my computer on my private network. I have a smartphone, tablet, smart TV, plus a handful of other devices for the rest of the people sharing my living space. They all need network address translations too!
At the end of the day, we’re talking thousands and thousands of data packets per second, all translated by a weak CPU that can’t keep up. It’s one reason why cheap routers are prone to slowing down.
Is There Anything You Can Do?
For one-time hiccups, a router restart can be enough to clear the NAT table and start from zero. If it’s a regular occurrence, it may not be the RAM but the CPU that’s causing trouble.
In that case, it’s time to upgrade your router. You don’t have to shell out a wad of cash for a top-end model. That said, stay away from the budget options. Those are better suited for light home users. Still not sure what to get? Check out our recommended Wi-Fi routers.
Lastly, whether you upgrade or don’t, be sure to secure your home network. It doesn’t take much effort but the benefits are massive.
Now that you know what a NAT table is and how it works, do you have any remaining questions? Got any other tips to add? Let us know in the comments down below!