What Is NAT?
Applies To: Windows Server 2008
Network address translation (NAT) provides a method for translating the Internet Protocol version 4 (IPv4) addresses of computers on one network into IPv4 addresses of computers on a different network. A NAT-enabled IP router deployed at the boundary where a private network, such as a corporate network, meets a public network, such as the Internet, allows computers on the private network to access computers on the public network by providing this translation service.
NAT technology was developed to provide a temporary solution to the IPv4 address-depletion problem. The number of available globally unique (public) IPv4 addresses is far too few to accommodate the rapidly increasing number of computers that need access to the Internet. Although the long-term solution — the development of Internet Protocol version 6 (IPv6) addresses — exists, IPv6 is not yet widely adopted. NAT technology lets computers on any network use reusable private addresses to connect to computers with globally unique public addresses on the Internet.
In Windows Server® 2008, the Routing and Remote Access service supports a NAT solution by allowing the optional configuration of a routing protocol component that provides network address translation. Computers on a private network can access a public network by means of a NAT-enabled router that runs the Routing and Remote Access service. All traffic leaving, or entering, the private network must travel by way of the NAT-enabled router.
NAT consists of the following components:
| Component | Description |
|---|---|
Translation |
The server running Routing and Remote Access on which NAT is enabled translates the IP addresses and TCP/UDP port numbers of packets that are forwarded between the private network and the Internet. |
Addressing |
The network address translation computer provides IP address configuration information to the other computers on the home network. The addressing component is a simplified DHCP server that allocates an IP address, a subnet mask, a default gateway, and the IP address of a DNS server. You must configure computers on the home network as DHCP clients in order to receive the IP configuration automatically. |
Name resolution |
The network address translation computer becomes the DNS server for the other computers on the home network. When name resolution requests are received by the network address translation computer, it forwards the name-resolution requests to the Internet-based DNS server for which it is configured and returns the responses to the home network computer. |
Additional considerations
Because NAT includes addressing and name resolution components that provide DHCP and DNS services for hosts on the private network, you cannot run:
The DHCP service or the DHCP Relay Agent if NAT addressing is enabled.
The DNS service if NAT TCP/IP networking name resolution is enabled.