Network Address Translation

(redirected from Full cone NAT)

Network Address Translation

(NAT, or Network Address Translator, Virtual LAN) A technique in which a router or firewall rewrites the source and/or destination Internet addresses in a packet as it passes through, typically to allow multiple hosts to connect to the Internet via a single external IP address. NAT keeps track of outbound connections and distributes incoming packets to the correct machine.

NAT is an alternative to adopting IPv6 (IPng). It allows the same IP addresses (10.x.x.x is the conventional range) to be used on many private local networks while requiring only one of the increasingly scarce public addresses to be allocated to each private network.

NAT does not however allow an external service to initiate a TCP connection to an internal host, nor does it support stateless protocols based on UDP well unless the router software has extensions to support each specific protocol.
This article is provided by FOLDOC - Free Online Dictionary of Computing (


(Network Address Translation) The technology that maintains the privacy of the addresses of the computers in a home or business network when accessing the Internet. It converts the private addresses that are assigned to the internal computers to one or more public addresses that are visible on the Internet (see private IP address). NAT is an IETF standard that is implemented in a router or firewall as well as in any user's machine that is configured to share its Internet connection (see ICS).

NAT assigns a number to the packet headers of the messages going out to the Internet and keeps track of them via an internal table that it creates. When responses come back from the Internet, NAT uses the table to perform the reverse conversion to the private IP address of the requesting client machine (see illustration below).

A First-Level Firewall
NAT enhances security by keeping internal addresses hidden from the outside world. It prevents several kinds of first-level attacks, but not all, and must be used in conjunction with the firewall built into the router or the personal firewall in each user's machine. Enterprises generally use very robust firewall architectures for security (see firewall). See dynamic NAT.

NAT Port Address Translation (PAT)
This common NAT method assigns a different TCP port number to each client session with a server on the Internet. When responses come back, the source port becomes the destination port and determines which user to route the packets to. It also validates that the incoming packets were requested. See TCP/IP port.
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.