How Network Address Translation Works

in this video I'll talk about network

address translation how it works and why

we need it but first let's hear a bit of

backstory where do these little baby IP

addresses come from anyways back in the

late 70s a couple of clever researchers

were thinking about how long IP

addresses should be why is this

important you have to consider that in

every data packet we have to encode the

sender IP and the receiver IP if we only

reserved a few bits to encode an IP

address we can keep packet sizes small

however will also have few IP addresses

to end out to people if on the other

hand we choose to have lots of bits to

encode an IP address we'll have lots of

IP addresses to hand out but we'll also

have huge packets which increases the

communication overhead so as you can see

there's a bit of a trade-off going on

here you can either have small packets

or lots of IP addresses they ended up

deciding that they'd go with 32 bits for

an IP address that left them with

roughly 4.2 billion IP addresses you

have to consider that back then the

Internet which wasn't even called the

internet back then was just a toy for

academics it was definitely not meant

for regular people like you and me and

that's what's known today as IP version

4 now hang on a second let's do a bit of

math here we have 4.2 billion IP

addresses to hand out but we also have

seven billion people living on this

planet as of 2012 and also consider that

each of those seven billion people may

want to use multiple devices to access

the Internet so yeah we have a bit of a

problem on our hands what are we going

to do about this now because clearly

having only four point two billion

machines on the Internet is not going to

be an option we have to figure something

out and there is a fix but it's as

you'll see a bit of a workaround let's

keep it at that

there is in fact a way that we can keep

using IP version 4 and get more machine

onto the Internet here's a typical home

network setup

this is John's laptop this is Jane's

laptop and this is Jane's smartphone

they're all connected to the home router

that home router in its turn is

connected to the Internet now when you

register with your ISP you get to use an

IP address that is accessible throughout

the internet and that's assigned to your

home router so in this case we have 12

13 14 dot 15 assigned to the home router

this is a public IP address that

theoretically anyone on the internet can

send packets to our laptops and

smartphone also get their own IP address

but instead of getting one of those 4.2

billion public IP addresses they get a

private IP address that private IP

address is designed to them by the home

router and is not accessible from the

Internet now if these IP addresses look

familiar to you that's probably because

they are this is one of two ranges that

are reserved for private networks all

addresses starting with 192 dot 168 are

reserved for private networks as well as

all addresses that start with the number

10 you can use these IP addresses

without having to worry that some random

web server already uses that IP address

they can because it's specifically

reserved for private networks now let's

consider the connection from Jane's

laptop for a second Jane's laptop has an

IP address of one ninety two dot one

sixty eight dot one dot three here's an

example scenario where Jane's laptop

wants to know what the current weather

is in taxes and to get this information

it will try to contact the server at

14:30 2010 to get that information to

reach this web server james laptop will

have to go through the home router

through the internet and finally then


at the web server first Jane's laptop

has to send out a pack requesting the

information it says what's the current

temperature in San Antonio Texas now the

message here isn't really important the

web server should know what to do with

that and we won't get into that right

now but what you should know is that

there is a source IP address here with

the source port and a destination IP

address with a destination port in this

case it's port 80 which is frequently

used for HTTP traffic now let's send

this package on its way shall we when it

arrives at the web server the web server

will process the incoming requests and

try to formulate a reply the reply

packet will be addressed to the sender

but in this case because it was sent

from 192 dot 168 at 1.3 it will not be

reachable because it's a private IP

address so what do we do now let's

rewind that tape for just a second

Jane's laptop sends out a packet

requesting the current temperature and

San Antonio taxes it gets sent along to

the home router but instead of sending

it right over the Internet the home

router does something that's a little

bit sneaky when that packet re-emerges

you'll notice that the source IP address

has been changed this is not the only

thing that the home router does in

addition it also creates an entry in the

net forwarding table now we'll talk

about net forwarding table again in just

a second but for now all you have to

remember is that this thing allows us to

know which packets are to be sent in

Jane's laptop when they come in and

which packets are to be sent to that

smartphone or John's laptop moving right

along the packet travels over the

Internet and arrives at the web server

the web server will now create a reply

packet and will notice that the

destination IP address is no longer

private no instead it's sent to the

public IP address of

our home router on that specific port

now that our home router has received

the response it's time for another tiny

lie it creates a packet that looks as if

it was addressed from the web server

directly to Jaymes laptop which is not

what happened but that's all Jane's

laptop needs to know because it doesn't

care about how it got there it just

wants to get the packet and get this

over with but how does it know where to

send that packet it just received the

answer is in the net forwarding table we

just received that packet on port 24 604

and that means if we look in our net

forwarding table that we have to change

the IP address on the private side to

192 dot 168 1 3 on that specific port

over there in the forwarding table

Jane's laptop receives the packet and

the rest is history

Jane's laptop doesn't have to care about

any of that NAT stuff the home router

completely handles it for Jane's laptop

and it is completely transparent so

James laptop doesn't have to worry about

public and private IP addresses no this

is something through router fixes and

James laptop doesn't have to worry about

it of course ideally every computer

would have its own public IP address

which is why we're slowly but well

actually just slowly moving over to IP

version 6

remember how IP version 4 had 4.2

billion IP addresses at its disposal

well IP version 6 has a lot more and I

do mean a lot seriously try noting 34

and then followed by 37 zeros and that's

how much ipv6 addresses we have

approximately that is a lot if we can

give every computer its own public IP

address we won't be needing network

address translation anymore this means

that routers can once again focus on

their core business which is routing

packets not doing awkward switcheroo

tricks now I can hear you saying this is

nice and all but why haven't we switched

yet this IP version 4 thing is a mess we

only have 4.2 billion IP addresses and

that is clumsy as hell well it's not

that simple we have a lot of Internet

infrastructure that was built up over

the years and they all work with IP

version 4 so we have laptops desktops

home routers but also stuff on the ISP

side and web servers and they all work

with IP version 4 all these devices need

to have hardware and software that

supports IP version 6 before we can

entirely switch over and that is a huge

task just to give you an idea the IP

version 6 standard was finalized in

December of 1998 and yet here we are 14

years later and was still running on IP

version 4 you can see how this is one

hell of a task alrighty

if there's anything you'd like to see

explained please do let me know in the

comments below

thanks for watching and I'll see you

next time