How Your Router Routes Your Internet Traffic - An Introduction to NAT, NAPT

  • Added 4. 05. 2021
  • In this video, I've looked at one of the most interesting router mechanisms that go unnoticed by most Internet users. Without it, you would either have to contend with only one of your devices accessing the Internet at a time, or your ISP would need to provide every Internet-connected device with a unique public IP address.
    With IPv6, providing every Internet-connected device with its own IP address isn't going to be an issue. But with IPv4 (which still dominates the Internet space), this isn't anywhere near viable.
    A couple of years ago, I suddenly had this curiosity spark: my router issues the private IP addresses. As one may or may not know, the router issues these IP addresses so the devices on the local network can communicate with each other and back to the router. The private IP addresses aren't globally unique, nor can they be reached over the Internet.
    Have you ever tried pinging a random private IP address and somehow ended up reaching someone else's personal device over the Internet?
    You know this would be an absurd thing to do because this isn't something the private IP addresses are supposed to do.
    To reach the hosts over the Internet, we have public IP addresses. These IP addresses are unique (meaning no two devices on the whole Internet share these IP addresses between themselves). You can establish a connection with them. They can establish a connection with you.
    The ISP issues the public IP address. Generally, we have this public IP address configured on the router to share a single Internet connection with our phones, computers, etc.
    And this is where my wonder arose: my router has the public IP address, and my devices have the private ones. Yet my devices that are connected to the router can access the Internet. Not only that, the router forwards the Internet packets to the intended devices with absolute perfection.
    How is this happening? How does the router figure out that it has to forward this or that packet to this or that device?
    I searched the Internet, and I was quite surprised to find out that the router does this with something called 'NAT' (Network Address Translation.)
    **
    The type of NAT implemented in our day-to-day routers is called 'NAPT' (Network Address Port Translation.) NAPT is also known by the names 'NAT Overload,' 'PAT' (Port Address Translation), one-to-many NAT, IP masquerade, or simply NAT.
    The one other major type of NAT is called CGNAT (Carrier-grade NAT.) The ISPs usually implement this technology.
    If you have a choice, I would advise you against opting for the ISPs that actively use this type of NAT because the ISP has likely put hundreds to thousands of devices behind a single public IP address. Many websites, especially the popular ones, will treat the traffic originating from this 'bloated' IP address as bot traffic. Hence it is very likely that you would be challenged with CAPTCHAs on many websites to prove that you're a human.
    Second, it can severely deteriorate your online gaming experience. And third, it leaves port forwarding utterly useless, because even if you opened a port X on your firewall to host a service on your IP address (let's just say a multiplayer gaming session), there would be no way to tell your ISP to open port X from their end and map it to your IP address. Unless, of course, you can call them, and they have the means to honor your request.
    One means to tell if you're behind CGNAT: check the WAN IP on your router. If it is a private IP address, then you're behind CGNAT.
    **
    In closing, I want to say that NAT has been a fantastic piece of technology, but it has fulfilled its purpose, at least for the consumer space. Moving forward, I'm glad the thing is no longer required on IPv6.
    Rejoice online gaming, hosting your web server, media server, VPN server, mail server, or whatever service you want to host.
    During the research for this video, I've learned that NAT has broken one of the founding principles of the Internet, that is, end-to-end networking. Let's say you want to exercise your freedom of expression on the Internet (granted that isn't something like, "5G causes coronavirus," not that I care, but come on 🤷🏽‍♂️), you don't have to abide by anybody's terms and conditions to express what you want to express.
    ***
    A huge shout out to www.vecteezy.com/ for providing so many high-quality vectors to perhaps millions of content creators around the world for free. If you want to thank me, perhaps, you can do so by purchasing their monthly premium subscription (not affiliated.) Of course, only if you liked their service.
    Thanks

Comments • 8

  • @Tirze 2 years ago +1

    two days searching for that explanation... and an "Indian Guy on CZcams" gets it right on the Spot. Great work.

  • @danieldlrg03 1 year ago

    It's a great video, high quality 👍

  • @Joker-fq4cq 2 years ago

    awesome explanation!!

  • @Max-ye6xf 3 years ago

    Thanks a lot for making these things finally clear to me after so long of misunderstanding them!

  • @devinlake916 1 year ago

    Thank you for the great video! Question for you - is a scenario possible where two devices on a LAN generate the same random source port number? If this occurs, how does the router determine which device to send the appropriate response traffic?

    • @PalwinderSingh 1 year ago +1

      Devin, even if the source port collided, the IP addresses of the two devices on the same LAN would still differ.🙂
      For example, device one has IP and source port 192.168.1.10:5510 and device two has 192.168.1.11:5510; the router here would be able to distinguish that the traffic of the same source port belongs to two different devices.
      So, the router could assign .10:5510 device a random port (say x.x.x.x:55262) on the WAN and the .11:5510 device (x.x.x.x:46736.)

    • @devinlake916 1 year ago

      @PalwinderSingh That makes sense. Thank you for the explanation and reply!
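
The NAPT lookup asked about in the description ("how does the router figure out...") and the source-port collision case from the thread above, as an added example that is not from the video or its author. The `Napt` class, the WAN address 203.0.113.7 and the port range are assumptions made for illustration; real routers also track the remote endpoint and timeouts.

```python
import random

class Napt:
    """Minimal NAPT (port-overloading NAT) table for one WAN address."""

    def __init__(self, wan_ip, port_range=(49152, 65535), seed=None):
        self.wan_ip = wan_ip
        self.port_range = port_range
        self.rng = random.Random(seed)
        self.out = {}   # (proto, lan_ip, lan_port) -> wan_port
        self.back = {}  # (proto, wan_port) -> (lan_ip, lan_port)

    def _free_port(self, proto):
        lo, hi = self.port_range
        # Refuse to loop forever once every WAN port for this protocol is used.
        if sum(1 for p, _ in self.back if p == proto) > hi - lo:
            raise RuntimeError("WAN port pool exhausted")
        while True:
            port = self.rng.randint(lo, hi)
            if (proto, port) not in self.back:
                return port

    def outbound(self, proto, lan_ip, lan_port):
        """Rewrite the source of a LAN packet; reuse an existing mapping."""
        key = (proto, lan_ip, lan_port)
        if key not in self.out:
            wan_port = self._free_port(proto)
            self.out[key] = wan_port
            self.back[(proto, wan_port)] = (lan_ip, lan_port)
        return self.wan_ip, self.out[key]

    def inbound(self, proto, wan_port):
        """Return the LAN endpoint for a reply, or None (drop) if unmapped."""
        return self.back.get((proto, wan_port))

def demo():
    nat = Napt("203.0.113.7", seed=1)  # constructed documentation address
    a = nat.outbound("tcp", "192.168.1.10", 5510)
    b = nat.outbound("tcp", "192.168.1.11", 5510)  # same source port
    return nat, a, b

if __name__ == "__main__":
    nat, a, b = demo()
    print("192.168.1.10:5510 ->", a)
    print("192.168.1.11:5510 ->", b)
    print("reply to", a[1], "->", nat.inbound("tcp", a[1]))
    print("unsolicited 8080 ->", nat.inbound("tcp", 8080))
```

The last line shows why hosting behind NAT needs a port forward: an inbound packet with no table entry has no LAN destination and is dropped.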