Packet.School
HomeLevelsSandboxPricingAbout
XP1,240
L5 · Advanced Topics
Level 5
6 lessons
  • 01Subnetting Basics
  • 02Subnet Calculation
  • 03What is NAT?
  • 04VPN
  • 05Terminal Commands
  • 06Final Quiz
Levels/L5 · Advanced Topics/Lesson 03
Lesson · 03

What is NAT?

NAT is a technology that converts private IP addresses to public IP addresses.

Duration
2min
Level
L5
Type
Lesson
Progress
3/ 6

01Why is NAT Needed?

IPv4 Problem:

  • IPv4 = ~4.3 billion addresses
  • 8+ billion devices worldwide
  • Not enough!

Solution:

  • Use private IPs in internal network
  • Share single public IP with NAT
code
Internal (Private)           NAT          Internet (Public)
192.168.1.10  ────┐
192.168.1.11  ────┼───→ [Router] ───→ 203.0.113.5
192.168.1.12  ────┘      (NAT)

02Private IP Ranges

Reserved by RFC 1918:

ClassRangeCIDRAddress Count
A10.0.0.0 - 10.255.255.255/816.7 million
B172.16.0.0 - 172.31.255.255/121 million
C192.168.0.0 - 192.168.255.255/1665,536

These IPs are not routed on the internet!

03NAT Types

1. Static NAT (1:1)

code
Internal: 192.168.1.10 ←→ External: 203.0.113.10
  • Fixed external IP for each internal IP
  • Used for servers
  • Expensive (needs many IPs)

2. Dynamic NAT

code
Internal IPs → [NAT Pool] → External IPs
  • Dynamic assignment from IP pool
  • Wait when pool is full

3. PAT (Port Address Translation)

code
192.168.1.10:5000 → 203.0.113.5:40001
192.168.1.11:5000 → 203.0.113.5:40002
192.168.1.12:5000 → 203.0.113.5:40003
  • Most common type
  • Single IP, different ports
  • Also known as "NAT Overload"

04How PAT Works?

Outgoing Packet:

code
PC1: 192.168.1.10:3000 → google.com:443

Router writes to NAT table:
| Internal IP:Port | External IP:Port |
|------------------|------------------|
| 192.168.1.10:3000 | 203.0.113.5:40001 |

Outgoing packet:
203.0.113.5:40001 → google.com:443

Incoming Response:

code
google.com:443 → 203.0.113.5:40001

Router looks at NAT table:
40001 → 192.168.1.10:3000

Forwards to internal network:
google.com:443 → 192.168.1.10:3000

05NAT Limitations

  1. Peer-to-peer difficulty - Two devices behind NAT
  2. Some protocols problematic - FTP, SIP
  3. Port limit - ~65,000 simultaneous connections
  4. No end-to-end connection - IP changes

06Port Forwarding

Access server behind NAT:

code
Internet → Router (203.0.113.5:80) → Web Server (192.168.1.100:80)

Router rule:

  • External port 80 → Internal 192.168.1.100:80

07Summary

  • NAT = Private IP → Public IP conversion
  • PAT = Multiple device sharing with ports
  • Solution for IPv4 insufficiency
  • Home routers use PAT
Previous
Subnet Calculation
Next
VPN
On this page
  • Why is NAT Needed?
  • Private IP Ranges
  • NAT Types
  • How PAT Works?
  • NAT Limitations
  • Port Forwarding
  • Summary
Packet.School

An open, interactive curriculum for computer networking.

v3.0 · MIT22 lessons live

Learn

  • Lessons
  • Sandbox
  • Levels
  • Pricing
  • About

Simulations

  • Packet Journey
  • DNS Lookup
  • DHCP Simulator
  • Subnet Calc
  • Network Builder
  • Terminal

Project

  • About
  • Changelog
  • GitHub
  • Contributing
  • Style guide

Newsletter

One short email when a new level ships. No tracking pixels.

© 2026 Packet.School — MIT licensed☕ Support with a coffeebuilt in the open · last updated 2026.05.14