Pinterest Stumbleupon Whatsapp
Advertisement

It’s ironic how one of the biggest threats to the Internet was a product of of nobody predicting how popular it would be.

Until recently, the predominant way to assign IP addresses to computers was with the IPv4 system IPv6 vs. IPv4 : Should You Care (Or Do Anything) As A User? [MakeUseOf Explains] IPv6 vs. IPv4 : Should You Care (Or Do Anything) As A User? [MakeUseOf Explains] More recently, there's been a lot of talk about switching to IPv6 and how it will bring a lot of benefits to the Internet. But, this "news" keeps repeating itself, as there's always an occasional... Read More . This allowed the creation of roughly 4.3 billion possible IP addresses, a significant portion of which were shared out to regional Internet authorities in blocks of 16.8 million.

Quite early on, it became all to apparent that there wouldn’t be enough supply to satiate the immense demand. With the exhaustion of the IP address supply looking inevitable, people looked for ways to ‘share’ IP addresses with more than one system. Thus, Network Address Translation was born (NAT), and the Internet was saved.

What is Network Address Translation?

For a computer to communicate with the Internet as a whole, it must have an IP address. Using the IPv4 system, these are unique, 32-bit numbers that are broken up into four different binary octets. It doesn’t matter whether it’s a server, or a computer, or an Xbox. If it doesn’t have an IP address, it’s not getting online.

NAT-IPs

But, there simply isn’t enough IP addresses to go around to give each host their own address. So, in order to make better use of the extremely limited address space available, we use Network Address Translation.

Advertisement

Network Address Translation allows a single device to sit between a local area network and the Internet, and forward traffic to the appropriate host. You probably know this as your router. The advantage of this is multiple computers can share the same IP public address.

This single device (usually a router How Does a Router Work? How Does a Router Work? Routers may seem complicated and beyond your understanding, but they're actually quite simple. Read More , switch, or hardware firewall) modifies IP packet headers on the fly, ensuring that the contents of the packet get to the intended destination.

nat-router

However, it comes with a downside, as it becomes exponentially harder for hosts outside the local network to communicate with servers that are located behind the router.

There are multiple ways in which Network Address Translation can work, with the three of the most common being Dynamic NAT, Static NAT, and Overloading.

Dynamic NAT

With Dynamic NAT, a router will maintain a list of public IP addresses. When a host behind the network needs to transmit or receive, the router will select one of the public IP addresses that is not currently in use, and forward any packets accordingly. As a result, this means a host’s IP address can change at any given moment.

But crucially, it means a large pool of hosts can share a significantly smaller pool of IP addresses. This was vital, given the impending exhaustion of the available pool of IPv4 addresses.

Overloading

A common way of performing network address translation is through something called ‘Overloading’, where multiple internal IP addresses are mapped to a single public IP address.

This is done by giving each internal host a corresponding port. For instance, suppose you’ve got three computers on an internal network, and a public IP address of 212.18.123.123. Each of those internal computers could theoretically be accessible via 212.18.123.123:2001, 212.18.123.123:2002 and 212.18.123.123:2003.

This is commonly known as Port Address Translation (PAT), Single-Address NAT, and port-level multiplexed NAT.

Static NAT

Finally, let’s talk about Static NAT.

Internal networks, like your home or office network, do not use the same IP addressing system that’s used on the public Internet. Any networked device effectively has two IP addresses. The first is a private one, and that’s only reachable from within that network. The second is the one that’s externally accessible.

Static NAT makes it possible to create a direct, one-to-one link between a private IP address and a static, public IP address What Is A Static IP Address, How Do I Get One & Its Advantages / Disadvantages What Is A Static IP Address, How Do I Get One & Its Advantages / Disadvantages Read More .

This, of course, will do nothing to mitigate against IPv4 address exhaustion. But that’s beside the point. If you want to expose a web server to the Internet, for example, you’re going to want to ensure that its IP address stays the same. Static NAT allows you to do that.

But What About IPv6?

The world is rapidly transitioning from IPv4, with its savagely limited addressing space, to IPv6 IPv6 & The Coming ARPAgeddon [Technology Explained] IPv6 & The Coming ARPAgeddon [Technology Explained] Read More , which can support a theoretical total of 2^128 IP addresses.

To adequately express the enormity of that, that’s the equivalent of 340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand and 456.

nat-ipv6

That’s a lot of IP addresses.

So, with that in mind, do we need Network Address Translation any more, given that there’s a glut of available IP addresses that will almost certainly never be exhausted?

Well, NAT comes with some other key benefits. Perhaps the most obvious is the fact that it inadvertently acts as a ‘firewall’ How Does A Firewall Work? [MakeUseOf Explains] How Does A Firewall Work? [MakeUseOf Explains] There are three pieces of software that, in my opinion, make the backbone of a decent security setup on your home PC. These are the anti-virus, the firewall, and the password manager. Of these, the... Read More to any systems behind the router. Any services running from within that network (be that a private file server, or a private web server running a Wiki) are inaccessible outside of that network.

Simply put, NAT drastically improves the security of any system behind it.

Conclusion

NAT is an ostensibly dry technology, that’s almost impenetrable to understand. But don’t let that fool you. Without it, the Internet would look radically different.

Got any thoughts? Let me know. Drop me a comment below, and we’ll chat.

Image credit: IPv6-IPv4 by Abode of Chao

Leave a Reply

Your email address will not be published. Required fields are marked *