NAT — SNAT, DNAT, PAT & Port Forwarding

In the initial years of the internet, computers on a private network connected to the internet in this way:

All the IPs in this setup are public IPs and this system poses 2 big problems:

To tackle these problems, NAT (Network Address Translation) comes to the rescue. NAT is a technique in which a router or a similar device translates one IP address into another. More specifically, for outgoing traffic the router translates the private address of an internal host into a public IP address. For incoming traffic it does the opposite: the router translates its own public IP address into a private one.

Note that private IP addresses are free to use, but they are not routable on the internet.

In short, NAT improves security as it hides internal hosts’ IP addresses. Network Address Translation (NAT) is designed for IP address conservation. It enables private IP networks that use unregistered IP addresses to connect to the Internet.
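The translation described above can be traced with a small simulation. This is an added example, not code from the original article: it maps each internal flow to a port on one public address (the PAT variant named in the title), and all addresses, port numbers, and the `NatRouter` and `Packet` names are constructed for illustration.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"  # constructed: the router's single public address

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

@dataclass
class NatRouter:
    public_ip: str = PUBLIC_IP
    next_port: int = 40000                         # hypothetical start of the public port pool
    out_map: dict = field(default_factory=dict)    # (private ip, port) -> public port
    in_map: dict = field(default_factory=dict)     # public port -> (private ip, port)

    def outbound(self, pkt: Packet) -> Packet:
        """Outgoing traffic: replace the private source with the public address."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out_map:                # first packet of a flow creates the mapping
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return Packet(self.public_ip, self.out_map[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet):
        """Incoming traffic: restore the private destination, or drop (None)."""
        # Simplification: real devices usually also match the remote endpoint.
        if pkt.dst_ip != self.public_ip or pkt.dst_port not in self.in_map:
            return None                            # no mapping, so nothing inside is reachable
        priv_ip, priv_port = self.in_map[pkt.dst_port]
        return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port)

def demo():
    router = NatRouter()
    # Constructed flow: internal host 192.168.1.20 opens HTTPS to 198.51.100.5.
    sent = router.outbound(Packet("192.168.1.20", 51000, "198.51.100.5", 443))
    reply = Packet("198.51.100.5", 443, sent.src_ip, sent.src_port)
    delivered = router.inbound(reply)
    # Constructed unsolicited probe from an unrelated host to the public address.
    probe = router.inbound(Packet("198.51.100.99", 4444, PUBLIC_IP, 22))
    return sent, delivered, probe

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The remote server only ever sees the public address and mapped port, and the probe is dropped because no internal host created a mapping for port 22.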

There are 4 types of NAT:

SNAT allows internal hosts/servers to have a private IP address and still access the internet. But this kind of setup is wasteful of expensive public IPs. SNAT deals more with incoming traffic.

This setup is more secure as hackers can’t get the host address straight away, but it is still expensive.

Deals more with outbound traffic.

This series of posts is an ongoing effort to lay strong foundations of Cyber Security
