Before we dive into the deep waters of NAT, we need to make sure we understand exactly what NAT does. So let me give you the background of NAT, why it's here today and how it works. Even though there are different modes of NAT they are all basically extensions to the original concept.
NAT has become so popular that almost all small routers, firewall software and operating systems support at least one NAT mode. This shows how important it is to understand NAT.
The NAT Concept
NOTE: NAT is not only used for networks that connect to the Internet. You can use NAT even between private networks as we will see in the pages to follow, but because most networks use it for their Internet connection, we are focusing on that.
The NAT concept is simple: it allows a single device to act as an Internet gateway for internal LAN clients by translating the clients' internal network IP Addresses into the IP Address on the NAT-enabled gateway device.
In other words, NAT runs on the device that's connected to the Internet and hides the rest of your network from the public, thus making your whole network appear as one device (or computer, if you like) to the rest of the world.
NAT is transparent to your network, meaning all internal network devices are not required to be reconfigured in order to access the Internet. All that's required is to let your network devices know that the NAT device is the default gateway to the Internet.
NAT is secure since it hides your network from the Internet. All communications from your private network are handled by the NAT device, which will ensure all the appropriate translations are performed and provide a flawless connection between your devices and the Internet.
The diagram below illustrates this: