Network address translation

NATnetwork address translatorPATsymmetric NATnetwork address translatorsPort address translationNAT44NATsNetwork Address and Port Translationport translation
Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.wikipedia
300 Related Articles

IPv4 address exhaustion

IPv4 address shortageaddress exhaustionAddress space exhaustion
It has become a popular and essential tool in conserving global address space in the face of IPv4 address exhaustion.
The anticipated shortage has been the driving factor in creating and adopting several new technologies, including network address translation (NAT), Classless Inter-Domain Routing (CIDR) in 1993, and IPv6 in 1998.

STUN

Session Traversal Utilities for NATSimple Traversal of UDP over NATs
For this purpose, the Simple traversal of UDP over NATs (STUN) protocol was developed (RFC 3489, March 2003).
Session Traversal Utilities for NAT (STUN) is a standardized set of methods, including a network protocol, for traversal of network address translator (NAT) gateways in applications of real-time voice, video, messaging, and other interactive communications.

NAT traversal

NAT-TtraversalHosted NAT traversal
The NAT traversal problem arises when two peers behind distinct NAT try to communicate.
Network address translator traversal is a computer networking technique of establishing and maintaining Internet protocol connections across gateways that implement network address translation (NAT).

IP address

IP addressesIPdynamic IP address
One Internet-routable IP address of a NAT gateway can be used for an entire private network.
Today, such private networks are widely used and typically connect to the Internet with network address translation (NAT), when needed.

TCP hole punching

The most popular technique for TCP NAT traversal is TCP hole punching, which requires the NAT to follow the port preservation design for TCP, as explained below.
TCP NAT traversal and TCP hole punching (sometimes NAT punch-through) occurs when two hosts behind a network address translation (NAT) are trying to connect to each other with outbound TCP connections.

Router (computing)

routerroutersnetwork router
Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
Routers also commonly perform network address translation which restricts connections initiated from external connections but is not recognised as a security feature by all experts.

IPv6 transition mechanism

DNS64DS-Lite464XLAT
In effect, it is an (almost) stateless alternative to Carrier Grade NAT and DS-Lite that pushes the IPv4 IP address/port translation function (and therefore the maintenance of NAT state) entirely into the existing customer premises equipment NAT implementation.
SIIT can be viewed as a special case of stateless network address translation.

Dynamic DNS

DDNSdynamic updatesUPDATE requests
While not a perfect mobility solution, RAPT together with upcoming protocols like DHCP-DDNS, it may end up becoming another useful tool in the network admin's arsenal.
DHCP became an important tool for ISPs as well to manage their address spaces for connecting home and small-business end-users with a single IP address each by implementing network address translation (NAT) at the customer-premises router.

Address plus Port

A+P
Mapping of Address and Port is a Cisco proposal which combines A+P port address translation with tunneling of the IPv4 packets over an ISP provider's internal IPv6 network.
The Address plus Port (A+P) approach to the IPv4 address shortage is a technique for sharing single IPv4 addresses among several users without using stateful network address translation (NAT) in the carrier network.

Port forwarding

port forwardport mappingforwarded
One way to solve this problem is to use port forwarding, another way is to use various NAT traversal techniques.
This technique is most commonly used to make services on a host residing on a protected or masqueraded (internal) network available to hosts on the opposite side of the gateway (external network), by remapping the destination IP address and port number of the communication to an internal host.

Transmission Control Protocol

TCPTCP/IPACK
The vast bulk of Internet traffic uses Transmission Control Protocol (TCP) or User Datagram Protocol (UDP).
Network Address Translation (NAT), typically uses dynamic port numbers, on the ("Internet-facing") public side, to disambiguate the flow of traffic that is passing between a public network and a private subnetwork, thereby allowing many IP addresses (and their ports) on the subnet to be serviced by a single public-facing address.

Address space

addressaddressableaddressed
Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
Also, network address translation may occur on the edge of different IP spaces, such as a local area network and the Internet.

Private network

private IP addressPrivateprivate addresses
One Internet-routable IP address of a NAT gateway can be used for an entire private network.
In this situation, a network address translator (NAT/PAT) gateway is usually used to provide Internet connectivity to multiple hosts.

IPv6

Internet Protocol version 6dual-stackstateless address autoconfiguration
Mapping of Address and Port is a Cisco proposal which combines A+P port address translation with tunneling of the IPv4 packets over an ISP provider's internal IPv6 network.
However, if in the local area network (LAN) IPv4 is still used, and the ISP can only provide a public facing IPv6, the IPv4 LAN addresses are translated into the public facing IPv6 address using NAT64, a network address translation (NAT) mechanism.

Microsoft Forefront Threat Management Gateway

Microsoft Proxy ServerISA ServerThreat Management Gateway
Microsoft's Secure network address translation (SNAT) is part of Microsoft's Internet Security and Acceleration Server and is an extension to the NAT driver built into Microsoft Windows Server.

Hairpinning

There are other classifications of NAT behavior mentioned, such as whether they preserve ports, when and how mappings are refreshed, whether external mappings can be used by internal hosts (i.e., its hairpinning behavior), and the level of determinism NATs exhibit when applying all these rules.
In network computing, hairpinning (or NAT loopback) describes a communication between two hosts behind the same NAT device using their mapped endpoint.

IPv4

Internet Protocol version 4IPv4 addressIP header
In effect, it is an (almost) stateless alternative to Carrier Grade NAT and DS-Lite that pushes the IPv4 IP address/port translation function (and therefore the maintenance of NAT state) entirely into the existing customer premises equipment NAT implementation.
Therefore, private hosts cannot directly communicate with public networks, but require network address translation at a routing gateway for this purpose.

Application-level gateway

Application Layer GatewayALGALGs
Some protocols can accommodate one instance of NAT between participating hosts ("passive mode" FTP, for example), sometimes with the assistance of an application-level gateway (see below), but fail when both systems are separated from the Internet by NAT.
In the context of computer networking, an application-level gateway (also known as ALG, application layer gateway, application gateway, application proxy, or application-level proxy ) consists of a security component that augments a firewall or NAT employed in a computer network.

UDP hole punching

the UDP-based technique
NAT traversal is possible in both TCP- and UDP-based applications, but the UDP-based technique is simpler, more widely understood, and more compatible with legacy NATs.
UDP hole punching is a commonly used technique employed in network address translation (NAT) applications for maintaining User Datagram Protocol (UDP) packet streams that traverse the NAT.

Internet Gateway Device Protocol

IGDInternet Gateway DeviceUPnP Internet Gateway Device Protocol
Other possibilities are UPnP Internet Gateway Device Protocol, NAT-PMP (NAT Port Mapping Protocol), or Port Control Protocol (PCP), but these require the NAT device to implement that protocol.
Internet Gateway Device (IGD) Standardized Device Control Protocol is a protocol for mapping ports in network address translation (NAT) setups, supported by some NAT-enabled routers.

IPv6-to-IPv6 Network Prefix Translation

NAT66network prefix translationNPTv6
That being said, using unique local addresses in combination with network prefix translation can achieve similar results.
IPv6-to-IPv6 Network Prefix Translation (NPTv6) is an experimental specification for IPv6 to achieve the address-independence at the network edge, given by network address translation (NAT) in Internet Protocol version 4.

NAT Port Mapping Protocol

NAT-PMPNAT PMPNAT port mapping
Other possibilities are UPnP Internet Gateway Device Protocol, NAT-PMP (NAT Port Mapping Protocol), or Port Control Protocol (PCP), but these require the NAT device to implement that protocol.
The NAT Port Mapping Protocol (NAT-PMP) is a network protocol for establishing network address translation (NAT) settings and port forwarding configurations automatically without user effort.

Port Control Protocol

PCP
Other possibilities are UPnP Internet Gateway Device Protocol, NAT-PMP (NAT Port Mapping Protocol), or Port Control Protocol (PCP), but these require the NAT device to implement that protocol.
Port Control Protocol (PCP) is a computer networking protocol that allows hosts on IPv4 or IPv6 networks to control how the incoming IPv4 or IPv6 packets are translated and forwarded by an upstream router that performs network address translation (NAT) or packet filtering.

H.323

H323Registration, Admission and StatusH.323 Gateway
It provides connection tracking and filtering for the additional network connections needed for the FTP, ICMP, H.323, and PPTP protocols as well as the ability to configure a transparent HTTP proxy server.

Proxy server

proxyproxiesproxy servers
It provides connection tracking and filtering for the additional network connections needed for the FTP, ICMP, H.323, and PPTP protocols as well as the ability to configure a transparent HTTP proxy server.
A proxy can keep the internal network structure of a company secret by using network address translation, which can help the security of the internal network.