1. Why NAT Exists
NAT was created because IPv4 doesn’t have enough IP addresses for everyone.
That’s the short answer to the question: why NAT was created. But let’s explore together the full story behind it.
As you may know, IPv4 uses a 32-bit format which gives us:
2^32 bits = 4,294,967,296 unique IPv4 addressesAt first, it seemed like more than enough. Over 4 billion IP addresses felt like a massive pool for IP device.
IPv4 Was Never Designed for the Modern Internet
Back then, the internet was small. But as more people and devices came online, we quickly realized IPv4 couldn't scale. Every device connected to the internet needs an IP, and suddenly, that huge number wasn’t enough anymore.
NAT was developed as a short-term solution to prolong the life of IPv4
2. What Happened in the 1990s?
To understand why NAT became necessary, let’s go back in time.
Looking back at the early days of the internet, the institutions responsible for managing IPv4 addresses started assigning very large IP blocks to organizations like HP, Ford, and even universities like MIT.
These blocks were massive we’re talking about /8 subnet, which means each organization received over 16 million public IP addresses, whether they needed them or not.
Figure 1 – In the 1990s, IANA gave huge public IP ranges (/8) to organizations, wasting millions of addresses
At the time, this didn’t seem like a problem.
But in the 1990s, the internet began to explode in popularity, more users, more networks, and more connected devices.
The IANA, which was in charge of assigning IP addresses globally, quickly became overwhelmed...
The allocation model was inefficient, and a huge number of addresses remained unused, just sitting idle in these large allocations.
In 2019, all public IPv4 addresses were officially exhausted.
No more new IPv4 adresses could be assigned.
As this crisis became clear, engineers started looking for solutions to keep IPv4 usable despite the shortage.
One of the most effective solutions to this problem turned out to be NAT (Network Address Translation).
3. The First Attempt to Solve the Problem
Before NAT was introduced, network engineers tried another approach…
IPv6: The New IP Address
One of the earliest ideas was to design an entirely new version of the IP protocol.
That’s how IPv6 came into existence.
Figure 2 – IPv6 was created to replace IPv4 by expanding addresses from 32 to 128 bits
While IPv4 uses a 32-bit address format, IPv6 expanded this to 128 bits.
That means:
2^128 bits = 340 undecillion possible addressesIt’s an astronomical number, more than enough to give every device on Earth a unique IP address… and still have plenty left.
On paper, IPv6 looked like the perfect solution.
But as often happens, theory didn’t match reality.
IPv4 Was Too Valuable to Abandon
By the time IPv6 was ready, the world was already deeply invested in IPv4.
Migrating to IPv6 would require:
Replacing incompatible hardware
Updating legacy software
Training IT teams
Redesigning network infrastructure
In short: it was too expensive, too risky, and too disruptive.
Most businesses weren’t ready and still aren’t, decades later.
So engineers reframed the problem:
How can we keep using IPv4… even if we’ve run out of public IP addresses?
The answer? A clever trick that allowed IPv4 to live on:
NAT — Network Address Translation.
4. How Did They Solve It?
To keep using IPv4 despite the exhaustion of public IP addresses, engineers introduced two fundamental concepts:
Private IPv4 addresses
NAT (Network Address Translation)
Private IPv4 Addresses – The First Step
The first step was to recognize that not every device needs to be directly reachable from the internet. Most devices only need to communicate within a local network.
To address this, RFC 1918 introduced three dedicated IPv4 address ranges for private use:
Figure 3 – RFC 1918 defined private IP ranges to reduce the need for public addresses
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
These IP addresses are not routed on the public internet. They are reserved exclusively for internal communication within homes, offices, or enterprise networks.
But Private IPs Can't Reach the Internet…
This is where NAT comes in.
NAT, (Network Address Translation) was invented to solve a very real problem: private IP addresses are not allowed on the internet. If a device using a private IP tries to reach a website, the traffic is simply dropped by router on the internet.
To solve this, NAT was designed to translate private IPs into public IPs, so that devices inside a local network can still communicate with the outside world.
Let’s look at a simple example:
Figure 4 – NAT replaces private IPs with the router’s public IP to reach the internet
Inside a typical home, devices are assigned IPs from the 192.168.1.0/24 range. These addresses work only inside the house and are not visible to the internet. When one of these devices sends a request to the web, the router in this case labeled R1 intercepts the packet and replaces the private source IP with its own public IP address, such as 37.5.55.103.
From the internet’s perspective, all traffic from the home appears to come from this single public IP. The router keeps track of which internal device initiated the request, so it knows how to forward the response correctly.
This same process takes place in millions of homes, offices, and networks across the world.
Figure 5 – NAT lets many networks reuse the same private IPs by translating them at the edge
As shown in the diagram, several networks might all use the exact same private IP range 192.168.1.0/24. One home uses a public IP of 37.5.55.103, another uses 210.6.12.104, and a third uses 31.0.10.145. Even though the internal IPs are identical, there is no conflict because each network is isolated, and NAT performs the necessary address translation at the edge.
This approach allows private IPs to be reused endlessly across different environments, all while maintaining full internet connectivity through public IPs.
So yes, it’s an elegant solution. But how does NAT actually manage all these translations behind the scenes?
That’s exactly what we’ll explore in the next section.
5. How NAT Works (Step-by-Step)
Let’s walk through a real-world example.
Imagine your computer wants to send a DNS query to Google’s DNS server at 8.8.8.8. Your device has a private IP address: 192.168.1.5.
Step 1: The Packet Is Sent
Figure 6 – A private IP (192.168.1.5) sends a packet to 8.8.8.8 via the router
Your PC generates a packet with the following information:
Source IP: 192.168.1.5 (private)
Destination IP: 8.8.8.8 (public)
Since the destination is outside the local network, the packet is sent to the default gateway (your router).
Step 2: The Router Translates the IP
Figure 7 – The router swaps the private IP with its public IP
When the packet reaches the router, it performs three actions:
Recognizes the packet is leaving the local network.
Replaces the source IP (192.168.1.5) with its own public IP (37.3.45.100).
Stores the translation in a NAT table, associating the private IP and the public IP.
Then it forwards the packet to the internet.
Step 3: The DNS Server Replies
Figure 8 – The DNS server replies to the router’s public IP
Google's DNS server receives the request and replies to the router’s public IP (37.3.45.100).
Step 4: The Router Translates Again
Figure 9 – The router translates the reply back to the private IP and sends it to the correct device
When the reply comes back:
The router checks the NAT table to find out which internal device made the request.
It replaces the destination IP (37.3.45.100) with the original private IP (192.168.1.5).
It forwards the response to your PC.
This is how NAT allows a device with a private IP to communicate with the public internet.
Behind the scenes, NAT dynamically tracks every connection in real time. This allows thousands of devices within a private network to share a single public IP address, without conflict or confusion.