Can someone explain the finer points of NAT to me?

[Woodchuck101]

Just like it says on the tin...

As I understand it, NAT is transparent to the client. The server picks up packets that belong outside the local network and routes them to an external network (internet, WAN etc) The server then waits for a response and routes that back to the client. As far as the client is concerned, the NAT server doesnt exist.

The question is, how does it know? If two people are accessing a website, how does NAT ensure packets aren't swapped?

Any insight would be greatly appreciated.

 

[techweenie]

It keeps track of what packets are sent where, and which client made the request. If you want some better information a search on google should turn up alot. You can also take a look at what the IETF says. Link

 

[MadRat]

www.cisco.com = best NAT info source

Basically what he said, but he left out subnet masking. The logic of the subnet is to tell whether or not to route the outbound packet off the LAN. If the IP address of the recipient is within the subnet mask it stays in the network until it is either picked up or its TTL (time to live) expires. If the recipient is outside the subnet mask then it goes out through the router and expends its TTL off the LAN.

NAT keeps track of all incoming and outbound traffic to determine where responses to that traffic should be sent. If an outside packet comes in to the router without express permission to get in through the NAT then it is rejected. That is the reason most NAT subnets are stealth; they do not report to traffic that doesn't have permission to elicit a response.