NAT Basics
Published: 5-Feb-2001
Overview
NAT is an acronym for Network Address Translation. It is a commonly used IP address translation and mapping technology. To home networkers like you, it is the technology that lets your home network share internet access. A device or piece of software that implements NAT allows an entire home network to share a single internet connection over a single public IP address: one cable modem, DSL modem, or even 56k modem can connect all the computers in your home to the internet at the same time. Additionally, NAT makes your home network fairly hard for outside attackers to reach, because the computers behind it are not directly addressable from the internet.
NAT is built in to the most common Internet Connection Sharing technologies around. Microsoft has built its ICS around it, and every cable/DSL broadband router on the market accomplishes its job with NAT.
How does it work?
NAT acts as an interpreter between two networks. In the case of a home network, it sits between the internet and your home network. The internet is considered the 'public' side and your home network is considered the 'private' side. When a computer on the private side requests data from the public side (the internet), the NAT device rewrites the request so that it appears to come from the NAT device's own public address, and records in a translation table which private computer (and which port) made the request. When the public computer returns results for the request, the NAT device looks up that table entry, rewrites the destination back to the private address, and passes the reply to the requesting computer. A packet from the internet that matches no table entry has no private computer to go to, and is dropped.
Security: Basic NAT is not a real firewall
Basic NAT devices are not real firewalls, but they are usually considered 'good enough' for most home networks. Because it does not forward requests or probes that originate from the internet to your LAN, a NAT device blocks most mischief. A simple NAT device cannot keep an attacker from running a DoS (denial of service) attack against you, because the flood consumes your internet connection before the device gets a chance to drop it, but individuals rarely get attacked like that. It will keep out people looking for open file shares, rogue mail servers and web servers, and most port-based exploits. Most also protect against SMURF and WinNuke attacks. Note what NAT does not inspect: anything your own computers ask for (e-mail attachments, downloads, web pages) comes back through the device as a legitimate reply to a legitimate request. That is why the pairing matters: with a NAT device and a good anti-virus program, you should be safe from the most common kinds of internet attacks.
Stateful packet inspection (SPI)
Some NAT routers have a more advanced form of firewall built in that does 'stateful packet inspection'. Rather than only matching replies against the translation table, SPI tracks the state of each connection (for TCP, for example, whether the handshake has completed) and drops packets whose headers do not fit that state. This lets the router filter out specific kinds of attack traffic such as SYN floods, IP spoofing, Teardrop attacks and others. SPI is a general term for a router that filters more kinds of attacks than basic NAT by closely examining packet headers and data structures. Of course, each manufacturer implements SPI differently, so not all SPI routers are equal. Routers with SPI can often log the attacks they block, which is worth turning on.
What if I want to host a server?
Most NAT devices allow you to create static maps between the internet and your computer network; this is called port forwarding.
Example: a request on port 80 from the internet (looking for a web server on your IP address) would normally be turned away by a NAT device. A special mapping can be set up to send any request that arrives on that port to a specific computer on your network. One of your LAN computers could host a web server on the internet, and another computer (or the same one) could host an FTP server, because the two services use different ports; a given public port can be forwarded to only one LAN computer at a time. Each forwarded port is a deliberate hole in the protection described above, so forward only the ports you actually serve and keep the program listening behind each one patched. Only a few programs will not work through port forwarding: those that open additional connections on dynamically chosen ports, or that embed your private IP address in the data they send.
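To make the translation table from "How does it work?" and the port-forwarding map from this section concrete, here is an added Python example of a toy NAT device. It is not code from the original article; the public address, LAN addresses, port numbers and packets are constructed for illustration. It shows an outbound request being rewritten to the public address, the reply being matched back to the requesting LAN computer, an unsolicited probe for a file-share port being dropped, and a static forward of public port 80 letting a request through to a LAN web server.

```python
"""Toy NAT (one public IP shared by a private LAN) with port forwarding.

Added example, not the article's code. Addresses use the documentation
ranges 203.0.113.0/24 and 198.51.100.0/24 plus a 192.168.1.0/24 LAN,
and every packet below is constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    """Just the header fields NAT cares about."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


class Nat:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port          # next free public port for new conduits
        self.outbound = {}  # (priv_ip, priv_port, dst_ip, dst_port) -> public_port
        self.inbound = {}   # (public_port, remote_ip, remote_port) -> (priv_ip, priv_port)
        self.forwards = {}  # public_port -> (lan_ip, lan_port), the static port-forward map

    def forward_port(self, public_port, lan_ip, lan_port):
        """Static mapping: anything arriving on public_port goes to one LAN host."""
        self.forwards[public_port] = (lan_ip, lan_port)

    def to_internet(self, pkt):
        """Rewrite a LAN packet's source to the public IP; record the conduit."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        pub_port = self.outbound.get(key)
        if pub_port is None:                 # first packet of this conversation
            pub_port = self.next_port
            self.next_port += 1
            self.outbound[key] = pub_port
            # The reverse entry also remembers WHICH remote host/port was contacted,
            # so only that host's replies are let back in through this port.
            self.inbound[(pub_port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        return Packet(self.public_ip, pub_port, pkt.dst_ip, pkt.dst_port, pkt.proto)

    def from_internet(self, pkt):
        """Return the packet as delivered to the LAN, or None if it is dropped."""
        entry = self.inbound.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if entry is not None:                # reply to something a LAN host asked for
            priv_ip, priv_port = entry
            return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port, pkt.proto)
        fwd = self.forwards.get(pkt.dst_port)
        if fwd is not None:                  # hosted service, explicitly forwarded
            lan_ip, lan_port = fwd
            return Packet(pkt.src_ip, pkt.src_port, lan_ip, lan_port, pkt.proto)
        return None                          # unsolicited: nowhere to go, dropped


def demo():
    nat = Nat("203.0.113.7")
    # 1. A LAN PC browses a web server on the internet.
    out = nat.to_internet(Packet("192.168.1.10", 51234, "198.51.100.20", 80))
    # 2. The web server's reply comes back to the public port NAT chose.
    reply = nat.from_internet(Packet("198.51.100.20", 80, "203.0.113.7", out.src_port))
    # 3. Someone else tries to use that same public port: no matching conduit.
    hijack = nat.from_internet(Packet("198.51.100.99", 80, "203.0.113.7", out.src_port))
    # 4. An unsolicited probe for Windows file sharing (TCP 445) is dropped.
    probe = nat.from_internet(Packet("198.51.100.99", 6000, "203.0.113.7", 445))
    # 5. Port forwarding: public port 80 is mapped to a LAN web server.
    nat.forward_port(80, "192.168.1.20", 80)
    web = nat.from_internet(Packet("198.51.100.99", 6001, "203.0.113.7", 80))
    return out, reply, hijack, probe, web


if __name__ == "__main__":
    for label, p in zip(("out", "reply", "hijack", "probe", "web"), demo()):
        print(f"{label:6}: {p if p else 'DROPPED'}")
```

Step 3 is the point the article makes about NAT being "good enough": the table entry records the remote host and port as well as the public port, so a reply is let in only from the host the LAN computer actually contacted. Step 5 is the deliberate exception, and the reason a forwarded port is only as safe as the program behind it.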