NAT Table Basics
The NAT table is the mapping table a NAT (Network Address Translation) device, typically a router, uses to translate between private IP addresses and public IP addresses. It is the core data structure of NAT, a technique introduced to stretch the limited IPv4 address space.
1. Role of NAT and the Need for the Table
① Role of NAT
NAT allows devices on a private network (e.g., home or office LAN) to share a single public IP address for communicating with the external internet.
- Outgoing: Private (Internal) IP Address $\rightarrow$ Public (External) IP Address
- Incoming: Public (External) IP Address $\rightarrow$ Private (Internal) IP Address (Reverse Translation)
② Need for the Table
Because every internal device appears to the outside world with the same public IP address, the NAT router needs the NAT table to determine which internal device (which private IP address and, under NAPT, which private port) should receive an incoming response packet. The table is also what keeps the outgoing translation consistent for the lifetime of a connection.
2. Structure and Operation of the NAT Table
The information stored in the table depends on the type of NAT used. The explanation below uses the most common type, NAPT (Network Address and Port Translation, also called PAT).
NAPT maps multiple private IP addresses to a single public IP address by using port numbers as the distinguishing identifier. Entries are kept per transport protocol, so a TCP flow and a UDP flow from the same private port are separate entries.
| Field | Meaning | Example |
|---|---|---|
| Private Address (Private IP) | The private IP address of the internal device | 192.168.1.10 |
| Private Port | The port number used by the internal device | 50000 |
| Public Address (Public IP) | The public IP address of the NAT router | 203.0.113.5 |
| Public Port | The port number translated for external communication | 12345 |
Operation Example (NAPT)
- Outgoing: Internal device A (192.168.1.10:50000) sends a request to an external server. The router rewrites the packet's source address and port and sends it out as 203.0.113.5:12345.
- Table Recording: The router records the entry (192.168.1.10, 50000) $\leftrightarrow$ (203.0.113.5, 12345) in the table.
- Incoming: The external server sends its response to 203.0.113.5:12345.
- Reverse Translation: The router looks up public port 12345 in the table, finds that it corresponds to the internal address 192.168.1.10:50000, rewrites the packet's destination address and port, and forwards it to device A.
3. Table Management
- Idle Timeout: To prevent the accumulation of stale entries, records that have not carried a packet for a configured period (often called the timeout or entry lifetime, not to be confused with the IP TTL field) are deleted from the table. Long-lived connections survive only as long as traffic, or keepalives, keep refreshing the entry.
- Conflict Prevention: If two internal devices open connections using the same source port number at the same time, NAPT avoids a collision by translating one of them to a different, currently unused public port number, so each public port identifies exactly one internal flow.
- No Matching Entry: An inbound packet whose destination port has no table entry cannot be delivered to any internal device and is dropped. This is why unsolicited inbound connections do not reach hosts behind NAT, but it is a side effect of the table, not a substitute for a firewall policy.
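The outgoing/incoming walk-through in section 2 and the management rules above, as an added example in plain Python that is not part of the original page or any router's implementation. It models a NAPT table keyed in both directions (private endpoint to public port and back), allocates public ports from a configured range, refuses inbound packets with no matching entry, avoids a collision when two hosts use the same private source port, and evicts idle entries. The class and function names, the port range and all addresses are this example's own constructed values; a real NAT also records the transport protocol and usually the remote endpoint per entry, which this example omits for brevity.

```python
"""Added example: a minimal NAPT (PAT) translation table.

Shows outbound entry creation, inbound reverse lookup, dropping of
unsolicited inbound packets, port-conflict avoidance and idle-timeout
eviction. All addresses, ports and timestamps are constructed samples.
"""

from dataclasses import dataclass
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)


@dataclass
class NatEntry:
    private: Endpoint   # internal (private IP, private port)
    public: Endpoint    # translated (public IP, public port)
    last_seen: float    # timestamp of the last packet that matched this entry


class NaptTable:
    """Hypothetical NAPT table (names and defaults are this example's own)."""

    def __init__(self, public_ip: str, idle_timeout: float = 300.0,
                 port_range: Tuple[int, int] = (1024, 65535)) -> None:
        self.public_ip = public_ip
        self.idle_timeout = idle_timeout      # seconds of inactivity before eviction
        self._lo, self._hi = port_range
        self._next_port = self._lo
        # One public IP, so the public port alone identifies an entry.
        self._by_public_port: Dict[int, NatEntry] = {}
        self._by_private: Dict[Endpoint, NatEntry] = {}

    def _allocate_port(self) -> int:
        # Walk the configured range once, looking for an unused public port.
        for _ in range(self._hi - self._lo + 1):
            cand = self._next_port
            self._next_port = cand + 1 if cand < self._hi else self._lo
            if cand not in self._by_public_port:
                return cand
        raise RuntimeError("NAT table full: no free public port")

    def translate_outbound(self, src: Endpoint, now: float) -> Endpoint:
        """Private -> public. Reuses the entry for a known private endpoint;
        otherwise allocates a fresh public port, so two hosts that both use
        private port 50000 end up on different public ports."""
        entry = self._by_private.get(src)
        if entry is None:
            entry = NatEntry(private=src,
                             public=(self.public_ip, self._allocate_port()),
                             last_seen=now)
            self._by_private[src] = entry
            self._by_public_port[entry.public[1]] = entry
        entry.last_seen = now
        return entry.public

    def translate_inbound(self, dst: Endpoint, now: float) -> Optional[Endpoint]:
        """Public -> private (reverse translation). Returns None when nothing
        matches, which is the case for any unsolicited inbound packet."""
        if dst[0] != self.public_ip:
            return None
        entry = self._by_public_port.get(dst[1])
        if entry is None:
            return None
        entry.last_seen = now
        return entry.private

    def expire(self, now: float) -> int:
        """Evict entries idle for at least idle_timeout; returns how many were removed."""
        stale = [e for e in self._by_public_port.values()
                 if now - e.last_seen >= self.idle_timeout]
        for e in stale:
            del self._by_public_port[e.public[1]]
            del self._by_private[e.private]
        return len(stale)

    def __len__(self) -> int:
        return len(self._by_public_port)


def demo() -> dict:
    """Run the page's scenario with constructed sample values."""
    nat = NaptTable("203.0.113.5", idle_timeout=300.0, port_range=(12345, 12350))
    host_a, host_b = ("192.168.1.10", 50000), ("192.168.1.11", 50000)
    pub_a = nat.translate_outbound(host_a, now=0.0)   # ('203.0.113.5', 12345)
    pub_b = nat.translate_outbound(host_b, now=1.0)   # same private port, different public port
    reply = nat.translate_inbound(pub_a, now=2.0)     # delivered back to host A
    stray = nat.translate_inbound(("203.0.113.5", 12347), now=3.0)  # no entry: dropped
    nat.translate_outbound(host_a, now=200.0)         # host A keeps its entry alive
    evicted = nat.expire(now=400.0)                   # host B idle for 399 s: evicted
    return {"pub_a": pub_a, "pub_b": pub_b, "reply": reply, "stray": stray,
            "evicted": evicted, "remaining": len(nat)}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running the file prints the public endpoints assigned to the two hosts, the private endpoint the reply is forwarded to, `None` for the stray packet, and the eviction count. Public ports are handed out sequentially from the configured range purely to keep the walk-through deterministic; real implementations typically try to preserve the private port first and randomise the fallback, which matters for NAT traversal and for resistance to port-prediction attacks.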