Tuesday, September 6, 2022

What Is NAT and PAT?

When computer networks were first starting out, many design decisions were made. Which, in hindsight, were flawed. One example is the lack of security features. Many early protocols, such as HTTP, Telnet, and FTP, assume that all network traffic is legitimate, sent by good actors, and transmitted by trustworthy intermediaries. This later required the addition of secure alternative protocols such as HTTPS, SSH, and FTPS. While this has taken a lot of work to resolve and deploy to servers and clients, it’s not the biggest misstep from the early internet.

IPv4 or the Internet Protocol version 4 is the addressing structure used for computer networks and to communicate over the internet. It has a structure that allows for a maximum of 4,294,967,296 addresses. While 4.3 billion IP addresses may sound like a lot, that is less than one per human being currently alive. Most people in western countries, at least, have more than one internet-connected device each.

Clearly, IPv4 address space is an issue. Unfortunately, in the internet’s early days, this issue was exacerbated by assigning out vast ranges of IP addresses to organisations that could never use them. This practice was adjusted twice, once with the introduction of the classful addressing system. Later with the introduction of the CIDR or Classless Inter-Domain Routing system. Both of these solutions helped to stave off address space exhaustion.

Another key feature was the private address space. This allocated a few address blocks to be used for internal networks that could not be routed to the larger internet. This allows every Local Area Network or LAN to share the same address space, massively reducing the address space pressure.

NAT

The problem with using a private addressing scheme for internal networks is that you can’t directly communicate with the internet. Any packet you transmit from your local network will have your private IP address. No one else will know which network to send the response back to.

To get around this issue, NAT or Network Address Translation was designed. NAT allows a device, typically the edge router, to edit all network traffic. This sounds sketchy, but the only part that it can change is the source and destination IP address and port number. The router then keeps a table tracking all connections and address translations allowing it to identify relevant responses and redirect them to the appropriate device.

Note: Technically, NAT can also edit the checksum of a packet. The important thing is it can’t edit the actual data, just the addressing.

NAT can be configured one-to-one, giving each device its public IP. NAT is, however, generally deployed in a many-to-one topology where the entire network shares one public IP address. This technically involves the use of the related PAT or Port Address Translation. As you might guess this refers to translating and keeping track of port numbers, again by the router. While it’s technically more correct to specify that you mean both NAT and PAT. NAT is generally assumed to be both, as almost all deployments of NAT use both NAT and PAT.

How Does NAT Actually Work?

Let’s consider an example home network. It has a few devices on it as well as the router. The router is issued a public IP address by the ISP. A computer in the network then wants to load a Technipages article. The computer sends its request via the router with its private IP address. The router then changes the source address in the network packet, to be the public IP address and an unused port number. Critically, the router keeps track of this translation.

A little later, the router receives the reply from Technipages to the same port number. It then checks its translation table to determine which local device to forward the traffic to. Suppose the router finds a match in the translation table. In that case, it then replaces the destination IP address and port in the packet with the computer’s original IP and port number.

There are three main advantages here. First, devices on a privately addressed network can communicate with the public internet. Secondly, NAT acts as a sort of firewall, any unexpected communication into the network, doesn’t map to an entry in the translation table and is simply dropped. Finally, all this happens transparently to the user. They don’t need to know it even happens.

There are some issues, though. For example, if you have a server that you want other people from the internet to be able to access, this isn’t possible with just NAT. There is a solution to this, however, called port forwarding.

https://cordis.europa.eu/project/id/30656
https://docs.microsoft.com/en-us/xamarin/cross-platform/partners/
https://make.wordpress.org/marketing/2018/02/28/wordpress-jargon-glossary/
http://www.emro.who.int/health-topics/health-workforce/index.html
https://make.wordpress.org/test/2017/11/22/testing-flow-in-gutenberg/
https://community.godaddy.com/s/question/0D53t00006VmTbsCAF/domain-purchased-but-not-visible-in-domain-manager
https://www.mysql.com/cn/industry/government/
https://official-blog-tw.line.me/archives/46985282.html
https://squareup.com/us/en/townsquare/get-paid-faster-with-scheduled-invoices
https://www.iubenda.com/blog/fines-coppa-non-compliance-750000/
https://www.xing.com/communities/groups/social-media-versicherungsbranche-1063865
https://newsroom.pinterest.com/en/post/july-pinterest-insights-summers-brightest-fashion-the-best-baby-pool-floats-and-backyard
https://woocommerce.com/showcase/jinja-gift-shop/
https://www.intuit.com/blog/customers/self-employed/we-the-prosperous-meet-kimatra/
https://lists.w3.org/Archives/Public/www-style/2004May/0285.html
https://about.usps.com/postal-bulletin/2011/pb22310/html/info_001.htm
https://pear.php.net/manual/en/package.mail.mail-imap.intro.php
https://pt.wix.com/blog/2016/02/criando-o-menu-certo-para-seu-site-as-6-melhores-opcoes-para-2016/
https://soundcloud.com/letsbuyhappiness/fast-fast
https://docs.google.com/viewer?a=v&pid=sites&srcid=ZGVmYXVsdGRvbWFpbnxwYWNrMjM2fGd4OjQyZmU1ZWIwOTI5YjkzNGQ
https://www-archive.mozilla.org/xpapps/performance/tests/bookmarks.html
https://pages.ebay.com/cr/en-us/storefronts/designdirectory.html
https://www.snapchat.com/add/nesmhp
https://www.dreamhost.com/blog/new-and-improved-dreamcompute-available-for-all/
https://blogs.opera.com/india/2015/01/celebrating-opera50m-users-share2celebrate-contest/
https://blog.developer.atlassian.com/codegeist-2021-winning-forge-apps/
https://drexel.edu/cci/stories/water-tracking-farming-sustainability-apps-take-top-prizes-at-philly-codefest-2020/
https://phabricator.wikimedia.org/T161609
https://www.surveymonkey.com/r/TECHHIGHERAPPRENTICESHIPS
https://elections.huffingtonpost.com/pollster/polls/benenson-d-cmm-9530
https://store.steampowered.com/news/posts/?feed=kotaku&enddate=1342673999
https://elearning.adobe.com/2015/08/lms-from-adobe/
https://www.dailymail.co.uk/home/you/article-2047548/The-plus-Meet-women-flying-flag-fuller-figure.html
https://www.nsf.gov/pubs/2006/nsf06599/nsf06599.htm
https://en.wikipedia.org/wiki/Cyberinfrastructure
https://www.usenix.org/legacy/events/worlds06/tech/prelim_papers/walker/walker_html/
https://dribbble.com/shots/651833-Icon-Set
http://www.ks.uiuc.edu/Research/namd/mailing_list/namd-l.2003-2012/9598.html
https://forums.cpanel.net/threads/godaddy-ucc-multiple-domain-ssl-and-whm.101193/page-2
https://www.bluehost.com/blog/behind-the-website-joshuart/
https://www.klarna.com/international/press/stop-the-bots-klarna-highsnobiety-wants-passion-to-win-for-sneakerheads/
https://www.ugr.es/~jfernand/investigacion/papers/mpitb_papers.html
https://www-archive.mozilla.org/xpapps/performance/tests/bookmarks.html
https://icl.utk.edu/ctwatch/index.html
https://zims-en.kiwix.campusafrica.gos.orange.com/wikipedia_en_all_nopic/A/Cyberinfrastructure
https://fr.wikipedia.org/wiki/Cyberinfrastructure
https://www.washingtonpost.com/opinions/the-consequences-of-the-oil-bust/2015/08/20/7c98defe-4770-11e5-846d-02792f854297_story.html
https://www.businessinsider.com/iraq-oil-price-plunge-fiscal-cliff-2016-2
https://ethnobiomed.biomedcentral.com/articles/10.1186/s13002-016-0081-3
https://www.e-ir.info/2021/07/27/isis-use-of-sexual-violence-as-a-strategy-of-terrorism-in-iraq/
https://www.scirp.org/html/3-6303220_70025.htm
https://www.businessinsider.com/iraq-oil-price-plunge-fiscal-cliff-2016-2
https://en.wikipedia.org/wiki/Dhi_Qar_Governorate
https://fi.wikipedia.org/wiki/Irak
https://www.oecd.org/daf/competition/competition-intellectual-property-standard-setting.htm
https://www.ftc.gov/news-events/news/press-releases/2013/04/ftc-chairwoman-edith-ramirez-participate-international-competition-network-conference-warsaw-poland
https://globalcompetitionreview.com/review/the-antitrust-review-of-the-americas/the-antitrust-review-of-the-americas-2014/article/international-competition-network
https://uokik.gov.pl/koncentracje.php?news_id=10364
https://dev.competitionpolicyinternational.com/the-icn-s-12th-annual-conference-in-1000-words-or-less/
https://github.com/projectinterzone/ITZ
https://bitcointalk.org/index.php?topic=2158960.0
https://www.sec.gov/enforce/public-alerts/fictitious-regulators/international-regulators-board
https://codemirror.net/3/doc/realworld.html
https://www.crunchbase.com/organization/laborate
https://unpkg.com/xml-lite@0.8.1/dist/lib/codemirror-5.18.2/doc/realworld.html
http://edition.cnn.com/2004/BUSINESS/08/04/maternity.leave/index.html
https://www.netmums.com/coffeehouse/work-692/working-mums-689/371960-parental-leave-advice.html
https://www.personneltoday.com/hr/cash-is-the-word-as-mums-are-forced-to-rush-back-to-work/
http://www.pbs.org/wgbh/frontline/article/afghanistans-opium-brides-who-is-working-on-the-issue/
https://foreignpolicy.com/2011/03/08/the-politics-of-afghan-womens-rights/
https://www.elegantthemes.com/blog/resources/a-birds-eye-view-of-the-wordpress-community-how-to-get-involved
https://docs.google.com/forms/d/e/1FAIpQLSdRQ1jafAbgFd4kVbbP0Wsd5DN8g8xj4jnTHbUP1zupgjAR4w/viewform
https://forum.icann.org/lists/stld-rfp-mail/msg00061.html
https://bugs.mysql.com/bug.php?id=7817
https://bugs.php.net/bug.php?id=29646&edit=2
https://coaches.xing.com/profile/Wolfgang_Fiebig
https://evernote.com/blog/7-tips-from-experts-watch-productivity-soar/
https://blakesmalltalkblog.dailymail.co.uk/2015/07/let-the-40th-celebrations-begin-.html
https://people.com/human-interest/philly-woman-throws-her-breasts-a-goodbye-party-after-cancer-diagnosis-ta-ta-to-my-tatas/
https://www.inquirer.com/philly/blogs/the-insider/Bop-Brent-Celek-Korean-inspired-bar-Broad-St.html
https://www.yahoo.com/lifestyle/philly-woman-throws-her-breasts-181320663.html
https://philly.eater.com/2016/9/2/12771488/reviews-bop-south-helm-craig-laban-jason-sheehan-restaurants-philly
https://www.phillymag.com/news/2017/04/20/former-eagle-blasts-team-restructuring-celeks-contract/
https://bugs.mysql.com/bug.php?id=6662
https://www.addthis.com/blog/page/91/#.YxbMEbRBwuU
https://www.ics.uci.edu/~johannab/research.html
http://blogs.harvard.edu/digitalnatives/2007/12/
https://listserv.acm.org/SCRIPTS/WA-ACMLPX.EXE?A2=CHI-INTERCULTURAL;12cf3724.0806A&FT=&P=T&H=&S=
https://blogs.lse.ac.uk/polis/2007/09/10/toilet-humour/
http://www.demtech.qmul.ac.uk/research/outputs/panelseeding/
https://www.vice.com/en/article/v749p3/theres-no-such-thing-s-independent-music-in-the-age-of-coronavirus
http://www.slate.fr/story/189144/concert-live-distance-stream-concerts-duree-avenir
https://blog.patreon.com/musicians-patreon-coronavirus
https://www.buzzsprout.com/1004689/4030124
https://exclaim.ca/music/article/devon_welsh_and_zola_jesus_launch_livestream_website_koir
https://www.thelineofbestfit.com/news/latest-news/zola-jesus-devon-welsh-launch-livestreaming-platform-for-artists-covid-19
https://ag.hyperxgaming.com/article/9778/soundcloud-partners-with-twitch-to-put-musicians-back-in-front-of-fans
https://www.stitcher.com/show/glitch-bottle/episode/072-voicing-the-ineffable-through-music-with-nika-danilova-zola-jesus-glitch-bottle-70563828
https://www.spreaker.com/user/glitchbottle/072-voicing-the-ineffable-through-music-
https://www.livechat.com/success/february-best-commercials/
https://livechat-success.netlify.app/success/february-best-commercials/
https://www.thedrum.com/news/2016/01/07/old-spice-reveals-new-face-absurd-male-bravado
https://www.gnu.org/software/gsrc/package-list.html
https://directory.fsf.org/wiki/GTD
https://www.popsci.com/story/health/basic-easy-stretches-mobility/
https://www.popsugar.com/fitness/sleeping-in-coronavirus-pandemic-personal-essay-47710148
https://toptohigh.com/why-the-outsourcing-web-development-industry-is-booming/
https://getpocket.com/explore/item/five-stretches-you-should-do-every-day
https://www.popsugar.co.uk/fitness/sleeping-in-coronavirus-pandemic-personal-essay-47710551
https://www.privacyshield.gov/article?id=Liberia-Trade-Standards
https://www.export.gov/apex/article2?id=Liberia-Trade-Standards
http://s263974156.websitehome.co.uk/2013/05/31/solid-steps-you-can-take-toward-far-better-dental-hygiene/
https://news.sky.com/story/britons-get-two-million-nuisance-calls-a-day-10421270
https://democracy.wirral.gov.uk/ieListDocuments.aspx?CId=682&MId=4588&Ver=4
https://www.kunstundjustiz.bund.de/category/veranstaltungen/2016/
https://digg.com/2017/hiv-international-security-mosaic
https://mosaicscience.com/story/hiv-international-security/
https://goodmenproject.com/culture/how-hiv-became-a-matter-of-international-security/
https://science.thewire.in/health/how-hiv-became-matter-international-security/
https://churchleaders.com/pastors/pastor-blogs/147954-church-trends-with-perry-noble.html
https://vimeo.com/15023300
https://go.indiegogo.com/blog/2016/01/sundance-slamdance-film-festivals-2016.html
https://zims-en.kiwix.campusafrica.gos.orange.com/wikipedia_en_all_nopic/A/Ruth_Platt
https://www.ece.rutgers.edu/~marsic/groupware/
https://www.cyber.t.u-tokyo.ac.jp/~kuni/research/paper-e.html
https://staff.aist.go.jp/t.kotoku/fyi/conf_j.html
http://pbl.cc.gatech.edu/ael/17
https://www.lsi.usp.br/~lsoares/portugues/cur.html
http://www.hvrl.ics.keio.ac.jp/publications-conference/
https://mmt.inf.tu-dresden.de/Forschung/Projekte/CONTIGRA/Demos/index_en.xhtml
https://www.cs.drexel.edu/~david/prev_conf.html
https://www.riec.tohoku.ac.jp/~kitamura/aboutme.html
https://www.evl.uic.edu/animagina/project.html
https://lists.w3.org/Archives/Public/public-egov-ig/2009Apr/0083.html
https://contently.com/2012/05/04/5-ways-to-build-a-better-website/
https://www.govloop.com/community/blog/standards-anyone-what-are-governments-responsibilities-in-distributing-content-to-the-social-web-and-non-government-websites/
https://www.mdpi.com/1996-1073/4/9/1258/htm
https://us1.campaign-archive.com/?u=cdf7e9cc9a1a12b28f21f7ff4&id=fc69f4bd56&e=60bef19202
https://geospatial.blogs.com/geospatial/infrastructure_management_for_telcos/
https://www.eoportal.org/satellite-missions/theos
https://www.ogc.org/pressroom/newsletters/201004

 

3 comments: