A Net­work Address Trans­la­tor can cure many of the access prob­lems you may have with your home broad­band con­nec­tiv­ity through the process of mul­ti­plex­ing. This sim­ple, afford­able solu­tion can mean the dif­fer­ence between effec­tive in-​​home net­work­ing, and being bogged down with broad­band restrictions.

You work from home and have a com­puter net­work, your own lit­tle LAN for you and the kids. Great. You get your work done, your spouse gets con­nec­tiv­ity and the kids get their school­work done in record time on their own com­put­ers. And all of you can work, study, instant-​​message your friends or surf the Web from any­where in the house, or even out by the pool. All this is thanks to your wire­less con­nec­tion to your broad­band Inter­net service.

There’s one lit­tle problem…your broad­band provider will sup­ply you only a sin­gle Inter­net address, and it wants to charge you for each addi­tional address, or, worse yet, there are no more addresses avail­able right now. Only one com­puter can con­nect to the Net at a time. Oops.

“What do I do now?” you say. “Go back to a dial-​​up con­nec­tion? Go back to a snail’s-pace link?” (Can you hear the kids now?) “Nooooooooo!”

Fear not, dear mod­ern home­owner and con­nected par­ent, there’s a sim­ple, and afford­able solu­tion. It’s called NAT, Net­work Address Trans­la­tion, and not only will it allow your fam­ily simul­ta­ne­ous con­nec­tiv­ity to the Net via that sin­gle Inter­net address, it will pro­vide a lit­tle more secu­rity as well.

Net­work Address Trans­la­tion is a tech­nique used by NAT routers to trans­late Inter­net addresses from one address to another as data passes through the router. An ordi­nary router leaves the Inter­net address unchanged and sim­ply passes the infor­ma­tion along. A NAT router, how­ever, changes the address to its own. This serves two pur­poses: com­put­ers on a LAN can access a broad­band con­nec­tion and “look” like only one, and it keeps com­put­ers out­side your net­work from “see­ing” yours, which adds another layer of secu­rity to your home-​​based LAN.

Here’s how it works. Each time it con­tacts the Inter­net, a com­puter is assigned an address that works much the same way your street address does. Infor­ma­tion sent out from a com­puter is given an address so it can get to its des­ti­na­tion. At the same time, a return address is attached to the infor­ma­tion. Infor­ma­tion sent through a stan­dard Inter­net router looks the same way it did when it left your com­puter. It has the des­ti­na­tion address and the return address on it. It’s this return address that the Inter­net reads to know who is send­ing the infor­ma­tion, but so can every­one else. Addi­tion­ally, if you have a broad­band con­nec­tion with only one Inter­net address autho­rized at a time, only a sin­gle com­puter in your LAN can be on the Net at a time.

How­ever, infor­ma­tion sent through a NAT router has its return address removed and stored in the router, which then passes the infor­ma­tion along with no fur­ther changes. The NAT router assigns its own return address to your infor­ma­tion, so, no mat­ter how many com­put­ers are access­ing the Net, they all have the same, sin­gle Inter­net address. The many look like one, which means the broad­band sys­tem is see­ing only that one Inter­net address, and allows the traf­fic to pass unimpeded.

The divi­sion of one sig­nal, the sig­nal on the Inter­net side of the NAT router, into the many sig­nals on the LAN side of your router, is called mul­ti­plex­ing. Mul­ti­plex­ing, this abil­ity to have sev­eral com­put­ers using only one Inter­net address on the Net, may sound like you’re cheat­ing the broad­band provider, but you are actu­ally pro­vid­ing a nec­es­sary ser­vice to the entire Inter­net com­mu­nity. There are only so many Inter­net addresses avail­able, about four bil­lion. Four bil­lion. That sounds like a lot, and it is, but the num­ber of com­put­ers access­ing the Inter­net exceeded that num­ber years ago. Were it not for mul­ti­plex­ing, the Inter­net would slow down and pos­si­bly just grind to a vir­tual halt.

Mul­ti­plex­ing allows com­put­ers on LANs to be ser­viced by a sin­gle Inter­net address. The indi­vid­ual com­put­ers will share addresses within the LAN, and these may be the same used on the Inter­net and other LANs; how­ever, since they are iso­lated in their own, closed sys­tem, there is no prob­lem with the dupli­ca­tion. The global Inter­net sees only the sin­gle Inter­net address assigned to your NAT router. Thus, the world’s more than four bil­lion com­put­ers can still use the less than four bil­lion avail­able addresses with­out bog­ging down the system.

The sec­ond advan­tage of the NAT router, which is pure serendip­ity, is that your LAN is essen­tially invis­i­ble to the world. Out­side com­put­ers see only the router, not the com­put­ers on your LAN behind it. Since the router removes and stores Inter­net addresses orig­i­nat­ing from the LAN, it expects only those trans­mis­sions that it rec­og­nizes as being in response to what it sent out. Unan­tic­i­pated mes­sages com­ing from the Net lit­er­ally have nowhere to go; the NAT router doesn’t rec­og­nize them, and won’t let them pass. A com­puter from the out­side, say that of a hacker, can­not ini­ti­ate con­tact with your LAN.

Now, so we don’t give you a false sense of secu­rity, run­ning a com­puter behind a NAT router will not give you com­plete pro­tec­tion, though it can com­ple­ment your cur­rent secu­rity mea­sures. Mali­cious codes can still be down­loaded through NAT, and Tro­jan Horse pro­grams can still ini­ti­ate con­nec­tions to a hos­tile server. Web browsers and email oper­ates through NAT unhin­dered, so any threat from Web sites and email still exists because the intended vic­tim ini­ti­ates these con­tacts, and opens a win­dow to trou­ble if not care­ful. Imag­ine Drac­ula hov­er­ing out­side your bed­room window…he can only enter if you invite him in. NAT’s your win­dow; don’t open it to the vampires!

The NAT pro­gram is imple­mented in a com­puter or ded­i­cated hard­ware device that joins two net­works. One net­work is your LAN, and the other is the Inter­net, or WAN, the Wide Area Net­work. A NAT router has at least two phys­i­cal con­nec­tions or ports. These can be either two Eth­er­net cards, or an Eth­er­net and a modem. NAT soft­ware, like Inter­net Con­nec­tion Shar­ing soft­ware by Microsoft, is avail­able from many com­pa­nies.

NAT soft­ware run­ning on a com­puter is not the same as a Proxy Server, which can also run on a com­puter sit­ting between two net­works. Every Internet-​​based appli­ca­tion on a Proxy Server must be recon­fig­ured on every local com­puter to use the server. With NAT, no recon­fig­u­ra­tion is needed, which makes your life a lot easier.

NAT can also be imple­mented in a ded­i­cated hard­ware device called a broad­band router, cable modem router, or DSL router. In the purest form, the router has two Eth­er­net ports, usu­ally labeled LAN and WAN. Some devices come with a DSL modem, V.90 modem, or cable modem. The modem or cable con­nec­tion replaces the WAN port in those cases. Some devices have a Wire­less Inter­net con­nec­tion built in that is con­nected to the LAN port, allow­ing addi­tional com­put­ers to con­nect through the wire­less network.

Typ­i­cally, routers incor­po­rate a DHCP, a Dynamic Host Con­fig­u­ra­tion Pro­to­col, which assigns an Inter­net address and a Gate­way address to each com­puter on the LAN. The NAT router is the Gate­way, the access point to the Inter­net, so the LAN com­put­ers use its address for their own. The Inter­net pro­to­col sends infor­ma­tion not addressed to another com­puter on the LAN to the Gate­way address. Thus, any infor­ma­tion des­tined for the WAN, the global Inter­net, is sent directly through the NAT router look­ing as though it only came from the router, not the indi­vid­ual computer.

NAT can cause some prob­lems with some pro­to­cols and Inter­net appli­ca­tions. A sim­ple exam­ple is a Web server, which must accept incom­ing con­nec­tions from other com­put­ers wish­ing to access its data. If the server is behind a NAT router, incom­ing con­nec­tions are not pos­si­ble and the server will be invis­i­ble to com­put­ers on the Internet.

Prob­lems can also be had with FTP and some video­con­fer­enc­ing pro­to­cols; how­ever, there are sim­ple work-​​arounds and pro­vi­sions to over­come dif­fi­cul­ties with these and other pro­grams.

Incom­ing sig­nals that aren’t accepted by the NAT router can be stored in a “safe” area of the router called the DMZ, for Demil­i­ta­rized Zone, rather than throw­ing them away. This fea­ture allows these files to be reviewed and dealt with indi­vid­u­ally instead of just dis­card­ing them unseen.

NAT is a sim­ple way to con­nect sev­eral com­put­ers in a wire­less LAN to a sin­gle broad­band con­nec­tion or add an extra level of secu­rity to com­ple­ment your exist­ing fire­walls, virus detec­tion sys­tems and other secu­rity pro­to­cols. While it may not solve all con­nec­tiv­ity prob­lems, it is a quick, afford­able and easy solu­tion that can be read­ily installed in your family’s local area net­work. Your mobile fam­ily mem­bers are safe to access the Web with their wire­less Inter­net con­nec­tions, your broad­band provider won’t be sti­fling your con­nec­tiv­ity and you’ll be help­ing the global Inter­net com­mu­nity to boot. The best part is, your win­dow shades will be drawn and Inter­net vam­pires can’t get in, unless you invite them.

Related posts:

1. Net­work Con­fig­u­ra­tion Prob­lem Involv­ing Router and Fire­wall IP Addresses?
2. Any­one have any ideas how to fix a net­work problem?
3. What does “pos­si­ble net­work adapter prob­lem on this com­puter ” mean?
4. Trou­bleshoot­ing Net­work Problems
5. Net­work Problem?