The Uptime Engineer
👋 Hi, I am Yoshik Karnawat
Stop skipping NAT. 3 minutes to understand what most engineers get wrong about NAT.
You type google.com into your browser.
Hit Enter.
Packets fly across the internet and come back perfectly.
Meanwhile, your home router is quietly rewriting every single one of them.
That's NAT. Network Address Translation.
Everyone mentions it.
Few understand it deeply.
Today, you will.
Why NAT exists
Back in the 90s, engineers realized something terrifying.
We were running out of IPv4 addresses.
IPv4 gives us ~4.3 billion addresses.
Sounds big… until phones, laptops, TVs, doorbells, cameras, and cars all needed IPs.
We didn't have enough.
So engineers improvised.
"What if many devices could share one public IP?"
Enter NAT.
One public IP facing the internet.
Many private IPs inside your network.
This trick delayed IPv4 exhaustion for decades.What happens when you visit a website
What NAT actually does
NAT modifies packets as they pass through your router.
It rewrites the source IP, sometimes the destination IP, and almost always the port number.
So your laptop (say, 192.168.1.10) can connect to the internet using the router's single public IP.
Think of NAT like a receptionist at company headquarters.
Many employees inside (private IPs)
One main phone number outside (public IP)
The receptionist tracks who made which call and routes responses back correctly
Without NAT, internal devices would have no way to talk to the internet safely or uniquely.
How NAT works (simple breakdown)
Scenario: You visit google.com.
Your laptop has a private IP: 192.168.1.10:50001
Your router has a public IP: 203.0.113.5
You send a packet to Google:
Source: 192.168.1.10:50001
Dest: 142.250.195.206:443When it hits your router, NAT kicks in.
Before NAT:
192.168.1.10:50001
After NAT (PAT / Port Translation):
203.0.113.5:62010
The router logs this in its NAT table:
Inside Local | Inside Global | Destination |
|---|---|---|
192.168.1.10:50001 | 203.0.113.5:62010 | 142.250.195.206:443 |
Router sends it out.
Google replies to 203.0.113.5:62010.
Router checks the NAT table, maps it back, and returns it to you.
Magic.
Types of NAT (quick and clear)
Type | Meaning | Example |
|---|---|---|
Static NAT | One private IP ↔ One public IP | Servers |
Dynamic NAT | Pool of public IPs shared | Corporate networks |
PAT (Port Address Translation) | Many devices share one public IP using ports | Home Wi-Fi (most common) |
PAT = "NAT overload" = the NAT everyone uses.
NAT isn't just about IP shortage
Secondary benefits:
Security: Hides internal network structure
Flexibility: Lets you change internal IPs without breaking internet access
Isolation: Enables overlapping private networks (think VPNs, DC migrations)
NAT = survival + privacy + flexibility.
Why NAT still matters (even with IPv6)
Yes, IPv6 gives us infinite addresses.
No, NAT isn't dying.
Because we love:
Security by hiding internal systems
Migration flexibility
Multi-cloud + hybrid infra tricks
App isolation in enterprise networks
And let's be honest: IPv6 rollout is slow.
Cloud providers? Firewalls? Kubernetes?
They still rely on NAT-like functions.
If you want to be a DevOps/SRE pro, you must understand NAT.