Network Address Translation

Also found in: Dictionary, Acronyms, Wikipedia.
Related to Network Address Translation: Port address translation

Network Address Translation

(NAT, or Network Address Translator, Virtual LAN) A technique in which a router or firewall rewrites the source and/or destination Internet addresses in a packet as it passes through, typically to allow multiple hosts to connect to the Internet via a single external IP address. NAT keeps track of outbound connections and distributes incoming packets to the correct machine.

NAT is an alternative to adopting IPv6 (IPng). It allows the same IP addresses (10.x.x.x is the conventional range) to be used on many private local networks while requiring only one of the increasingly scarce public addresses to be allocated to each private network.

NAT does not however allow an external service to initiate a TCP connection to an internal host, nor does it support stateless protocols based on UDP well unless the router software has extensions to support each specific protocol.
This article is provided by FOLDOC - Free Online Dictionary of Computing (


(Network Address Translation) The technology that maintains the privacy of the addresses of the computers in a home or business network when accessing the Internet. It converts the private addresses that are assigned to the internal computers to one or more public addresses that are visible on the Internet (see private IP address). NAT is an IETF standard that is implemented in a router or firewall as well as in any user's machine that is configured to share its Internet connection (see ICS).

NAT assigns a number to the packet headers of the messages going out to the Internet and keeps track of them via an internal table that it creates. When responses come back from the Internet, NAT uses the table to perform the reverse conversion to the private IP address of the requesting client machine (see illustration below).

A First-Level Firewall
NAT provides a small amount of security by keeping internal addresses hidden from the outside world. It prevents several kinds of first-level attacks, but not all, and it must be used in conjunction with the stateful inspection firewall built into the router or personal firewall in each user's machine. Enterprises generally use very robust firewall architectures for security (see firewall and firewall methods). See dynamic NAT.

Not Enough IP Addresses
When the Internet was first developed, its 32-bit IP address provided four billion discrete numbers, which proved woefully insufficient to assign a unique number to every device that eventually became Internet enabled. With IP Version 6 (IPv6), there are sufficient numbers for everything on the planet; however, the original system (IPv4) is thoroughly entrenched. See IPv4 and IPv6.

NAT Port Address Translation (PAT)
This common NAT method assigns a different TCP port number to each client session with a server on the Internet. When responses come back, the source port becomes the destination port and determines which user to route the packets to. It also validates that the incoming packets were requested. See TCP/IP port.
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.
References in periodicals archive ?
-- Double firewall that includes Network Address Translation (NAT) hiding PCs and files from outside users and an SPI firewall that denies outside requests for personal information.
According to the company, the MSP7160 delivers gigabit-per-second IPv4 or IPv6 routing, Network Address Translation (NAT) and Quality of Service (QoS) features.
The devices can offload overburdened firewalls from key security features like Access Control Lists (ACL), DoS/DDoS, stateful Network Address Translation (NAT) and application rate controls to maximize the firewall performance for stateful inspection.
* Secure remote access for vendors and home based users (including network address translation, secure VPN access, and terminal services)
More sophisticated IVR services even include network address translation (NAT), so storage administrators can selectively link SAN islands without worrying about overlapping domain addresses in each fabric.
Network address translation capabilities for its Inter-Virtual SAN routing (IVR) feature give storage area networking (SAN) administrators the ability to consolidate legacy SANs and share resources across heterogeneous SANs.
On a smaller scale, Linksys--maker of the popular line of consumer-level wireless access point devices uses network address translation to conceal computing activity on the user's side of its router product.
Incorporating 8-port 10/100 Mbps switches, the SNMP-manageable firewalls feature Network Address Translation (NAT) routing and provide high-speed throughputs of 90+ Mbps WAN-to-LAN and up to 100 Mbps 3DES VPN throughput.
Other features include: easy setup and configuration with application-specific security policies; dynamic stateful packet filtering; dynamic network address translation; an expandable platform with full model upgrade capability; and WEP, WPA and IP sec VPN security for wireless models.
These shortages have been partially mitigated through Network Address Translation (NAT) and Classless Interdomain Routing (CIDR).
It also supports network address translation and MPLS, the company said.

Full browser ?