NAT process simplified
This is a simplified explanation of Network Address Translation (NAT), without too many technical details, for clarity. The explanation below is based on the following diagram:
Step 1: Source port selection
When an application (a process) initiates a request to a remote destination, the operating system selects a source port for the outgoing communication. This source port is usually selected from the ephemeral port range (49152–65535) and is used to identify the communication session. For example, the source port could be 45956, as indicated in the above diagram:
# [Client's local IP : port number]
192.168.1.50:45956
So, the request going to the gateway contains the client's local (DHCP-assigned) IP address, on which the process is running, and a port number assigned by the OS, which plays an important role in the next steps.
Step 2: Destination port on outbound request
The destination port in the outbound request is the port that the remote server is listening on. In our example, it’s port 443. The combination of the remote server’s IP address (172.4.66.3) and destination port (443) identifies the specific service on the remote server that the client (our app) is trying to reach.
So basically, our client is telling the gateway that it wants to connect to a server at IP 172.4.66.3 on port 443.
Step 3: Gateway Network Address Translation (NAT)
When the traffic reaches the gateway, NAT comes into play. The gateway replaces the source IP and port with its own public IP and a new port number. This is what NAT does in essence. So, in our example, the source IP of the client becomes the gateway’s public IP (11.22.33.44), and a new source port (e.g., 1189) is assigned.
NAT table
The NAT process in a gateway maintains a translation table, or NAT table. This table stores mappings between the local IP addresses assigned to devices on the internal network and the corresponding external (public) IP addresses used for communication with devices on the internet. The NAT table also records the specific ports used for each communication, so that incoming and outgoing packets are correctly routed between the internal and external networks.
Example NAT table:
| Source (Client) | Local Port | Gateway | Outgoing Port | Remote Server | Remote Port |
|---|---|---|---|---|---|
| 192.168.1.50 | 45956 | 11.22.33.44 | 1189 | 172.4.66.3 | 443 |
Step 4: Response handling
Now the request has left our network. When the remote server responds, it sends the response to the public IP and port of our gateway (11.22.33.44:1189). The gateway, based on its NAT table, knows which internal device (identified by its LAN IP and port) should receive this response, and forwards it to that internal IP and port.
Step 5: Port forwarding
This mechanism of associating an incoming response with the correct internal client based on the port number is often referred to as port forwarding. The gateway keeps track of the translations it performed and uses this information to forward responses to the correct internal device.
Finally, the operating system, based on the destination port of the incoming response, hands the payload back to our application.
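To make Steps 3 to 5 concrete, here is an added example (not code from the original post) that models the gateway's NAT table: outbound packets get the gateway's public IP and a fresh outgoing port, and responses are mapped back to the internal client, or dropped when no session exists. The addresses and ports are the post's own example values; the port allocation policy and the second client (192.168.1.51) are constructed for the demonstration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

Endpoint = Tuple[str, int]  # (ip, port)


@dataclass
class NatGateway:
    """Minimal model of a NAT gateway's translation table (constructed example)."""
    public_ip: str
    next_port: int = 1189  # first outgoing port handed out; policy is an assumption
    # key: (outgoing port, remote ip, remote port) -> (client ip, client port)
    table: Dict[Tuple[int, str, int], Endpoint] = field(default_factory=dict)

    def translate_outbound(self, src: Endpoint, dst: Endpoint) -> Endpoint:
        """Rewrite the source of an outbound packet and record the mapping (Step 3)."""
        for key, client in self.table.items():
            if client == src and key[1:] == dst:  # existing session: reuse its port
                return (self.public_ip, key[0])
        port = self.next_port  # two clients sharing a local port still get distinct ports
        self.next_port += 1
        self.table[(port, dst[0], dst[1])] = src
        return (self.public_ip, port)

    def translate_inbound(self, src: Endpoint, dst: Endpoint) -> Optional[Endpoint]:
        """Map a response arriving at the public IP back to the internal client (Step 4).
        Returns None, meaning the packet is dropped, when no matching session exists."""
        if dst[0] != self.public_ip:
            return None
        return self.table.get((dst[1], src[0], src[1]))

    def rows(self) -> List[tuple]:
        """Rows in the same column order as the NAT table shown in the post."""
        return [(c[0], c[1], self.public_ip, k[0], k[1], k[2]) for k, c in self.table.items()]
```

An inbound packet whose (port, remote IP, remote port) has no table entry is returned as None, which is why unsolicited traffic from the internet does not reach an internal host through this path.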
Caveat
Keep in mind that specific network configurations, proxies, security controls, and routing rules might introduce variations in how internal traffic is routed.