What is NAT (Network Address Translation)?
Turkish: NAT
NAT translates private network addresses to public addresses or ports, allowing local devices to communicate across the internet.
What is NAT?
NAT (Network Address Translation) is a networking technique that changes the source or destination IP address in a packet. The most common use is allowing many devices in a home or office network to access the internet through one public IP address.
A local computer may use a private address such as 192.168.x.x. The router replaces the packet’s source address with its own public address, stores the port mapping in a table, and sends the response back to the correct internal device.
Types of NAT
- Source NAT (SNAT): Changes the source address for outbound traffic.
- Destination NAT (DNAT): Forwards inbound traffic to a specific internal server.
- PAT / NAT overload: Separates many devices behind one public IP by using different ports.
- Carrier-grade NAT: Lets an internet service provider place many subscribers behind a shared public IP pool.
NAT became a practical response to IP address scarcity and remains common in IPv4 networks.
Security and Operations
NAT may reduce direct visibility of internal devices, but it is not a firewall by itself. The policy that decides which traffic is allowed belongs in the firewall.
Business networks need careful NAT design for VPNs, remote desktop, camera systems, payment terminals, and published servers. A wrong port-forwarding rule can expose unnecessary services to the internet; under carrier-grade NAT, inbound access or static IP requirements must be planned separately.
Related Terms
A firewall filters traffic between devices and networks using rules, allowing approved connections while blocking suspicious or unauthorized access.
IP AddressAn IP address is a numeric label used to identify devices on a network and route data packets to the correct destination.
NAT64NAT64 translates traffic so IPv6-only clients can reach IPv4 services, usually together with DNS64 in transition networks.
SubnetA subnet divides an IP address range into smaller network sections for routing, security boundaries, and address management.