[Static vs Dynamic NAT] Which is Right for Your Network?

3. NAT Overloading (PAT)

NAT Overloading, also known as PAT (Port Address Translation), is a network address translation technique that allows several devices in a private network to use a single public IP address to access the internet.

Unlike Static or Dynamic NAT, NAT Overloading uses port numbers to tell connections apart. Each private device's connection to the internet is assigned a unique port number on the single shared public IP address.

With this method, the router can recognize which device is communicating based on the combination of public IP address and port number. This makes NAT Overloading very efficient, especially on networks that have many devices but only one or a few public IP addresses.

How One Public IP Can Serve Multiple Private Devices Using Ports

For example, a private network has multiple devices with private IP addresses, such as:

  • 192.168.1.2
  • 192.168.1.3
  • 192.168.1.4

The network has only one public IP address, for example, 203.0.113.1. Using NAT Overloading, the router will perform the following translations:

  1. The device 192.168.1.2 sends a request to the internet. The router will change its source address to 203.0.113.1:12345, where 12345 is a unique port number.
  2. The device 192.168.1.3 also sends a request, and the router changes its source address to 203.0.113.1:12346, with a different port number.
  3. Likewise, the request from the device 192.168.1.4 is translated to 203.0.113.1:12347.

When a reply from the internet is received, the router will use the port number to determine which device in the private network should receive the data.

Benefits of NAT Overloading (PAT)

By utilizing a single public IP address for several devices, NAT Overloading contributes to saving limited IP address resources.

It is ideal for networks that have multiple devices that require internet access at the same time, such as on a home or small office network.

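Devices in a private network are not directly addressable from the internet because only the public IP address is exposed, which reduces exposure to unsolicited inbound connections. This is a side effect of address translation rather than a filtering policy, so it does not replace a firewall.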

Through NAT Overloading, networks can effectively manage internet connectivity for various devices without the need to use multiple public IP addresses.

NAT Working Process

The NAT (Network Address Translation) process begins when a device in a local network that has a private IP address wants to connect to the Internet. When a request is sent, the router that manages the NAT translates the private IP address into a public IP address.

These routers are equipped with NAT tables that store information regarding the relationship between private and public IP addresses. When the request goes out, the router replaces the private IP address with the corresponding public IP address from the NAT table before sending the data packet to the internet.

How NAT Tables Work: Internal (Private) and External (Public) Columns

The NAT table on a router consists of several columns, including columns for internal (private) IP addresses and external (public) IP addresses. Whenever a translation is performed, the router records these relationships in a table. For example, if a device with the private IP address 192.168.1.10 sends a request to the internet, the router will log this relationship.

| Internal IP Address | External IP Address |
|---------------------|---------------------|
| 192.168.1.10        | 203.0.113.5         |


When a data packet arrives from the internet, the router utilizes the NAT table to convert the public IP address back to the appropriate private IP address and then sends that data to the appropriate device in the local network.

Case Study: Interaction between Devices on Private Networks and the Internet

Suppose there are two devices on the local network: PC1 with a private IP address of 192.168.1.2 and PC2 with a private IP address of 192.168.1.3. When PC1 attempts to access a website on the internet, here are the steps that occur:

  1. Request from PC1: PC1 sends a request to the website (e.g., www.example.com). This data packet has a source address of 192.168.1.2.
  2. Translation by Router: The router receives the packet and identifies that the source address is private. The router then replaces the source address with a predefined public address (for example, 203.0.113.5) and records the association in the NAT table.
  3. Delivery to the Internet: Translated data packets are now sent to the Internet with the source address 203.0.113.5.
  4. Replies from the Website: When a website provides a reply, it will be sent to the public address 203.0.113.5.
  5. Return to PC1: The router receives the reply and uses the NAT table to convert the public address 203.0.113.5 back to the private address 192.168.1.2 before sending the packet back to PC1.

In this way, devices in a private network can communicate with the internet even though they use private IP addresses that are not routable on external networks, thanks to a translation mechanism managed by the router through its NAT table.
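
An added example (not part of the original article): a small Python model of the translation table described in the NAT Overloading and NAT table sections above, including what happens to packets that match no entry. The class name PatRouter, the remote server 198.51.100.10, the source port 50000 and the rule that a reply is accepted only from the remote endpoint the flow was opened to are assumptions for illustration; real routers differ in how strictly they filter.

```python
"""PAT (NAT overload) table sketch. Constructed example using documentation addresses."""
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)


class PatRouter:
    def __init__(self, public_ip: str, first_port: int = 12345, last_port: int = 65535):
        self.public_ip = public_ip
        self.next_port = first_port      # 12345 matches the article's first mapping
        self.last_port = last_port
        self.by_flow: Dict[Tuple[Endpoint, Endpoint], int] = {}   # (private, remote) -> public port
        self.by_port: Dict[int, Tuple[Endpoint, Endpoint]] = {}   # public port -> (private, remote)

    def outbound(self, private: Endpoint, remote: Endpoint) -> Endpoint:
        """Rewrite the source of an outgoing packet; reuse the mapping for a known flow."""
        flow = (private, remote)
        if flow not in self.by_flow:
            if self.next_port > self.last_port:
                raise RuntimeError("public port pool exhausted")
            self.by_flow[flow] = self.next_port
            self.by_port[self.next_port] = flow
            self.next_port += 1
        return (self.public_ip, self.by_flow[flow])

    def inbound(self, remote: Endpoint, public_port: int) -> Optional[Endpoint]:
        """Return the private endpoint for a reply, or None (drop) if nothing matches."""
        entry = self.by_port.get(public_port)
        if entry is None or entry[1] != remote:   # no mapping, or not the peer we contacted
            return None
        return entry[0]


def demo():
    router = PatRouter("203.0.113.1")
    server = ("198.51.100.10", 443)               # constructed remote web server
    # All three hosts pick the same local source port; the public port disambiguates.
    hosts = [("192.168.1.2", 50000), ("192.168.1.3", 50000), ("192.168.1.4", 50000)]
    translated = [router.outbound(h, server) for h in hosts]
    reply_to = router.inbound(server, 12346)                      # genuine reply
    unsolicited = router.inbound(("198.51.100.99", 443), 12346)   # different sender, dropped
    unmapped = router.inbound(server, 40000)                      # no table entry, dropped
    return translated, reply_to, unsolicited, unmapped


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The same table, kept with timestamps in the router's logs, is what lets an investigator map a public IP and port seen by a remote server back to one internal device.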
