
Network Address Translation (NAT)

In a programmer's language, computers conduct internet communication using sockets. Like ports, sockets are provided by the operating system; they are not physical sockets.

As a programmer, when your programme opens a socket, you need to address a port of the destination system and obtain an unused listening port on your own system to receive any response. You have to send the destination system your listening port.

Having more than one system using the same modem
When you direct a web browser to www.google.com:80, your browser obtains an unused non-system port from its system for listening. Let us say the listening port is 10000. The listener port is for receiving the HTTP response back from www.google.com:80. Your kid, sitting next to you, also happens to browse www.google.com:80, and his/her Google session on the PlayStation or Xbox also happens to be assigned listening port 10000.

Both of you are sitting behind a cable/DSL modem. Behind the modem is a wireless router, and both of your systems are behind the wireless router. Let us say that your cable/DSL ISP DHCP assigns your modem IPv4 public address

Then your wireless router DHCP assigns private LAN addresses to your system and to your kid's system.

Therefore, the router sees your pages as coming from to your system and to your kid's system.

Outgoing address translation
NAT on your router translates both computers' LAN addresses to using the public IP address of by reassigning the IP port numbers.
When the frame carrying the information about your listener ports passes through your NAT router, the router translates the listening ports.

Let's say your router's NAT reassigns
port 15000 for your page and
port 16000 for your kid's page.

Consequently, your wireless router then sends your requests to Google server as coming from for your page and for your kid's page.

Incoming address translation
The Google server then responds individually to and and when your wireless router encounters the response, it reaches into the mapping that it has stored and translates to to reach your system but translates to to reach your kid's system.

Running web/game/ftp/etc servers
But what if you have a web server or an FTP server running on your system? What if you have two systems, both have a web server, and both web servers are listening on port 80?

Let us say the LAN private IP addresses registered/assigned with your wireless router of
your first system is and
your second system is 192.168.40

The wireless router would have a configuration web page usually by default, unless you changed it. There would be a tab on the page where you could define/reserve application port mappings.

You could configure your wireless router to reserve the mapping => outgoing port 8080 => outgoing port 8088

Now you have to phone/email your friends that your web/game servers are addressable through and respectively,

where the wireless router would preclude its ports 8080 and 8088 from its own dynamic NAT usage.
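The outgoing translation, incoming translation and reserved port mappings described above can be modelled as one lookup table. The following is an added example, not code from the original page or from any router firmware; the IP addresses are constructed placeholders from documentation ranges, and the assignment of 8080 to the first system and 8088 to the second is an assumption. It keys mappings on the LAN address and port only, which is a simplification of what real NAT implementations track.

```python
# Constructed sample addresses (documentation ranges); none come from the page.
PUBLIC_IP = "203.0.113.7"
YOU, KID = "192.168.1.10", "192.168.1.11"

class NatRouter:
    def __init__(self, public_ip, first_port=15000, step=1000):
        self.public_ip = public_ip
        self.next_port = first_port   # next candidate public port
        self.step = step              # 1000 reproduces the page's 15000/16000
        self.out = {}                 # (lan_ip, lan_port) -> public port
        self.inbound = {}             # public port -> (lan_ip, lan_port)

    def forward(self, public_port, lan_ip, lan_port):
        """Reserve a public port for a LAN server (static mapping)."""
        if public_port in self.inbound:
            raise ValueError(f"port {public_port} already mapped")
        self.inbound[public_port] = (lan_ip, lan_port)

    def translate_out(self, lan_ip, lan_port):
        """Rewrite a LAN source (ip, port) to (public_ip, public_port)."""
        key = (lan_ip, lan_port)
        if key not in self.out:
            # Skip ports that are reserved or already in use.
            while self.next_port in self.inbound:
                self.next_port += self.step
            self.out[key] = self.next_port
            self.inbound[self.next_port] = key
            self.next_port += self.step
        return self.public_ip, self.out[key]

    def translate_in(self, public_port):
        """Map an arriving public port back to a LAN host; None means drop."""
        return self.inbound.get(public_port)

def demo():
    r = NatRouter(PUBLIC_IP)
    r.forward(8080, YOU, 80)          # two web servers, both listening on 80
    r.forward(8088, KID, 80)
    a = r.translate_out(YOU, 10000)   # both browsers picked port 10000
    b = r.translate_out(KID, 10000)
    return r, a, b

if __name__ == "__main__":
    r, a, b = demo()
    print(a, b, r.translate_in(16000), r.translate_in(8088), r.translate_in(4444))
```

An inbound packet for a public port with no entry in the table has nowhere to go and is dropped, which is why a server behind the router is unreachable until a mapping is reserved for it.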

Of course, is as good as only before your ISP DHCP decides to renew the IPv4 address of your modem to say,

After which you would have to phone/email your friends and say Hey, the servers' addresses have changed to and respectively.

Alternatively, you could subscribe to a dynamic DNS (DDNS) service to use a named domain. The DDNS service will need you to install a simple heartbeat utility on one of your computer systems to help them monitor the address variation. Newer models of routers already have a heartbeat client built in, so you need not install the heartbeat utility on any of your computers; you simply enable the feature during configuration.

NAT modems
Newer ISP contracts supply you with a modem that has NAT. If so, you have to switch off either the one on your modem or the one on your wireless router. You should not use both: what's the point in translating twice, when NAT is simply to prevent address collision? When you switch off NAT on your wireless router, it can operate as a hub switch and no longer as a router, so that you could connect it to the modem using one of its LAN sockets instead of through its WAN socket.
