NAT - Address Translation

Address Translation
  • The Concept of NAT
  • Address Space
  • Static Translation
  • Dynamic Translation
  • More Information

The Concept of NAT

The process of network address translation (NAT) was developed in order to respond to the lack of IP addresses with the IPv4 protocol (the IPv6 protocol will propose a solution to this problem).

In IPv4 addressing, there are not enough routable IP addresses (i.e. unique worldwide) to allow all the machines that need to be connected to the Internet to be connected.

The concept of NAT consists in using a routable IP address (or a limited number of IP addresses) to connect all of a network's machines by translating, at the Internet gateway, between the internal (non-routable) address of the machine that wants to be connected and the gateway's IP address.

Address Translation

Additionally, the process of translating addresses allows companies to secure the internal network as long as it conceals the internal addressing. To an observer outside of the network, all the requests look like they are coming from the same IP address.

Address Space

The organizm that manages public address space (routable IP addresses) is the Internet Assigned Number Authority (IANA). The RFC 1918 defines a private address space that allows organizations to assign IP addresses to its internal network's machines with no risk of conflicting with a public IP address assigned by the IANA. These so-called non-routable addresses correspond to the following address ranges:

  • Class A: range from to
  • Class B: range from to
  • Class C: range from to

All the machines of an internal network that are connected to the Internet by way of a router and that do not have a public IP address must use an address contained in one of these ranges. For small French networks, the address range from to is generally used.

Static Translation

The concept of static NAT consists in matching a public IP address with a network internal private IP address. A router (or more precisely the gateway) matches a private IP address (e.g. with routable public IP address on the Internet and in a sense performs the translation by modifying the address in the IP packet.

Translating static addresses allows you to connect internal network machines to the Internet transparently but does not resolve the address shortage problem because n routable IP addresses are needed to connect n machines to the internal network.

Dynamic Translation

Dynamic NAT allows you to share a routable IP address (or a reduced number of routable IP addresses) between several privately addressed machines. Thus, all the machines of the internal network externally have the same virtual IP address. This is why the term "IP masquerading" is sometimes used to process of dynamic NAT.

In order to be able to "multiplex" (share) different IP addresses with one or several routable IP addresses, dynamic NAT uses Port Address Translation, i.e. the assignment of a different source port to each request in order to maintain a correspondence between the requests coming from the internal network and the responses of the machines on the Internet, all of which are addressed to the router's IP address.

More Information

For more information, please refer to RFC 3022:

Article written by Jean-François PILLOU

Ask a question
CCM is a leading international tech website. Our content is written in collaboration with IT experts, under the direction of Jean-François Pillou, founder of CCM reaches more than 50 million unique visitors per month and is available in 11 languages.
This document, titled « NAT - Address Translation », is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (