Back to posts.

NAT Types

When you're diving into peer-to-peer communication you'll most likely stumble upon STUN, ICE and NAT. I'm not diving into STUN and ICE in this article as they build upon some knowledge that I explain in this article. Below I'll explain on a high level how NAT works and the things you need to be aware of if you want to know more about peer-to-peer connections work. Note that I might leave out some details and simplify certain things. When you want to know more, you can have a look at some of the relevant RFCs.

What is a NAT

Before you continue, I assume you know about IP addresses and PORTs and that the PCs in your house have their own local range of IP addresses which are not share outside your router with the public Internet. A NAT is a device that is used to translate packets to and from your network with other networks. It's part of what makes the Internet the Internet.

At home you'll probably have router which functions as a NAT: Network Address Translation. Your router which also functions as a NAT will map internal addresses and ports to external ones. When a packet arrives from the Internet to your NAT, the NAT uses a table that maps the external extIP:extPORT to the intIP:intPORT of the PC in your network that requested the packet.

Types of NATs

Before diving into the different types of NATs it might give you a better understanding of NATs when you think about it like this: all these NAT types are related to how an external IP:PORT can send data to a PC behind a NAT. In most of these cases the NAT will check if the internal PC (behind the NAT) has already sent data to the external one. Based on this fact, the NAT will forward data to the internal PC where each different NAT type has different rules about how restrictive it is. E.g. some NAT types will reject incoming packets when the internal PC did not sent a packet to the external one.

There are generally four types of NAT which I'll describe in more detail below. The different types of NATs which I'll describe are:

Full Cone NAT
Address Restricted Cone NAT
Port Restricted Cone NAT
Symmetric NAT

Did the local PC already sent packets to the external one?

The above types of NATs will check if mapping has been created already to determine how to deal with packets that the NAT receives from the Internet. The image below shows a packet which is sent from a local PC from a socket with an IP address locIp and port number locPort to remote server on remIp:remPort.

Sending packets to a remote PC Image 1. The Local PC sends data to the remote PC port 5100, creating an address mapping.

Full Cone NAT

I think the Full Cone NAT is the most simple one to understand as it's similar to something you've dealt with in the past. Maybe this is something that you've done before: creating a port forwarding rule for an internal service. In your router or NAT you've configured that when someone sends a request to port 80 of your NAT/router IP address, that it will be forwarded to a local IP and PORT. When you've created such a rule, you've configured a (static) rule for a Full Cone NAT. With Full Cone NAT devices, these rules are created automatically.

Ever created a port forwarding rule?
Nice, then you already know what a Full Cone NAT is.

In the image below you can see that any external host can sent a message to the IP:PORT of your NAT and that the NAT will forward it to the local PC. As long as an port fowarding rule exists this will work and is called a Full Cone NAT.

In this particular case, the NAT device will not check if the local PC already sent a message to the remote PC. The following NAT types, Address Restricted NAT and Port Restricted NAT will check if the local PC already sent a packet to the remote PC or not.

Image 2. With Full Cone NAT, the device allows traffic from any remote host

Address Restricted Cone NAT

While the Full Cone NAT is the most basic and well known NAT type, there are other types which are often used but which are less well known. I'm sure that you've created a static port fowarding rule yourself (i.e. Full Cone NAT rule). These other types are less known because they often apply to rules that are created automatically by your NAT device. This is also the case for the type I'll explain here: Address Restricted Cone NAT.

The Address Restricted Cone NAT will allow traffic from a remote PC only when the local PC has previously sent data to this remote PC. This is demonstrated in the image below. In this case we assume that the local PC has sent data to the remIP:5100 port as shown in image 2.

Image 3. The Address Restricted Cone NAT allows traffic only when the local PC has previously sent data to the Remote PC

Port Restricted Cone NAT

Like every article on NAT types, I'll tell you the same: the Port Restricted Cone NAT is similar to the Address Restricted Cone NAT but adds another restriction. And also this NAT type also depends whether we've already sent a packet to the 1remote host as shown in image 1. This NAT type also adds a check to the PORT number that is used. When you look at image 1 again, you see that the local PC sends a packet to the remote IP on port 5100, i.e. remIp:5100. By sending this package the NAT creates an mapping from locIp:locPort to remIp:1500. With a Port Restricted rule the remote PC can only send data to the local PC when it sends them from remIp:1500.

Image 4. Port Restricted Cone Nat: the local PC can only receive data from remote IP:PORT when it previously sent a packet to remote IP:Port

Symmetric NAT

The Symmetric NAT is the most restrictive type of the NAT types described in this article. A Symmetric NAT will create a 1:1 mapping for each locIP:locPORT to remIP:remPort that is created. This means that when the local PC connects to a remote PC on port A and B, it will create two mappings. The RFC3489 describes this very well:

A symmetric NAT is one where all requests from the same internal IP address and port, to a specific destination IP address and port, are mapped to the same external IP address and port. If the same host sends a packet with the same source address and port, but to a different destination, a different mapping is used. Furthermore, only the external host that receives a packet can send a UDP packet back to the internal host.

NAT Types This is so exciting, in this article I dive into some of the different ways a NAT device translates addresses which is important for peer-to-peer connections.
Building Cabinets In this post I dive into the design and construction of a cabinet with an interact LED strip. I also explain how I dynamically change the colors of the LEDs over TCP/UDP.
Compiling GStreamer from source on Windows How to compile GStreamer on Windows from Source using Visual Studio 2019 and the meson build system.
Debugging CMake Issues In this post I explain a process you can follow to debug issues with CMake by focusing on a specific target and making the output verbose.
Dual Boot Arch Linux and Windows 10 How to install Arch Linux and Windows 10 Pro as dual boot. A step by step tutorial how to create bootable installers, partition and setup a dual boot menu.
Mindset Updated Edition, Carol S. Dweck (Book Notes) Paragraphs I marked from the book "Mindset" from Carol S. Dweck.
How to setup a self-hosted Unifi NVR with Arch Linux A step by step HOW-TO that explain show to setup a Unifi Video Controller with an NFS share with Arch Linux.
Blender 2.8 How to use Transparent Textures Follow this node setup when you want to use an image with transparency as a "sticker".
Compiling FFmpeg with X264 on Windows 10 using MSVC A couple of steps to compile FFmpeg on Windows using MSVC.
Blender 2.8 OpenGL Buffer Exporter The following Blender script creates a [name].h and [name].cpp for the selected object and stores the positions, normals and UVs.
Blender 2.8 Baking lightmaps Light maps are a cheap way to add a lot of realism to you static scenes and have been used forever.
Blender 2.8 Tips and Tricks Use Environment Map only for reflections; create a floor plane for a Product Render, diffuse texture for roughness and more!
Setting up a Bluetooth Headset on Arch Linux Learn how to setup a Sennheiser PXC 550 Bluetooth headset on Arch Linux.
Compiling x264 on Windows with MSVC Compile the excellent x264 source on Windows using MSYS2 and MSVC.
C/C++ Snippets Is a number divisible by four?
Reading Chunks from a Buffer Some thoughts on reading bytes from a file; handy for reading NALs.
Handy Bash Commands Bash scripts: removing white space, lowercase filenames, backup using tar, etc.
Building a zero copy parser Simple solution to parse data in a pretty performant way. Used this for a RTSP protocol parser.
Kalman Filter A very simple yet powerful filter which works great when you have to smooth noisy data. Used for the Nike Rise 2.0 project.
Saving pixel data using libpng Do you have raw RGBA data that you want to save? Use this snippet to save it into a PNG file.
Compile Apache, PHP and MySQL on Mac 10.10 Setup you own PHP, MySQL and Apache and with virtual document roots.
Fast Pixel Transfers with Pixel Buffer Objects Using Pixel Buffer Objects (PBO) for fast asynchronous data transfers and OpenGL.
High Resolution Timer function in C/C++ Wait...... wait.. fast high resolution timer funtions (Windows, Linux, Mac)
Rendering text with Pango, Cairo and Freetype My never ending obsession with font rendering. A complex beast to do well. Use Pango and FreeType for the heavy lifting.
Fast OpenGL blur shader Make things look blurry ... and fast using this OpenGL blur shader.
Spherical Environment Mapping with OpenGL An old trick to get great lighting effects using Environment Maps and OpenGL.
Using OpenSSL with memory BIOs OpenSSL is a great library with lots of abstractions. In this post I discuss how to break some of these abstractions and use your own memory buffers.
Attributeless Vertex Shader with OpenGL A simple way to render a fullscreen quad without a vertex buffer with OpenGL.
Circular Image Selector Some thoughts on a different way to select images from a huge collection in a compact UI.
Decoding H264 and YUV420P playback Using libav to demux and playback with OpenGL.
Fast Fourier Transform Analyse your audio using the Fastest Fourier Transform in the West.
OpenGL Rim Shader Pretty glowy edges using a GLSL rim shader.
Rendering The Depth Buffer Render the non-linear OpenGL Depth Buffer.
Delaunay Triangulation Do you need to triangulate some shape: use the “Triangle” library.
RapidXML RapidXML is a versatile and fast XML parser with a simple API. Check out these examples.
Git Snippets Some simple GIT snippets; added here to remind myself.
Basic Shading With OpenGL A couple of basic GLSL shaders with explanation.
Open Source Libraries For Creative Coding Collection of great open source libraries for you creative programming projects.
Bouncing particle effect Snippet that can be used to create a bouncy particle effect; basic, effective, simple but nice.
OpenGL Instanced Rendering Want to render thousands and thousands of objects? Use OpenGL instanced rendering. The solution...the only solution.
Mapping a texture on a disc Ever heard about projective interpolation related to texture mapping? Learn about this intertesting issue with OpenGL and texture mapping.
Download HTML page using CURL When you want a quick solution to perform a HTTP(S) request CURL is always a quick an simple solution. Check out this example code.
Height Field Simulation on GPU Although not a Navier-Stokes implementation ... still a very nice and enjoyable effect.
OpenCV Optical Flow: when doing anything with tracking you've probably heard of it. See this simple example code using OpenCV and OpenGL.
Some notes on OpenGL FBOs and Depth Testing, using different Attachment Points, a YUV420p shader, ...
Math Meaning of the Dot Product in 3D graphics, calculating a perpendicular vector using Sam Hocevar's solution, orientation matrix and more.
Gists to remember Some gists that I want to remember, often use, etc...
Reverse SSH Do you want to login, into a remote PC but the remote PC is behind a firewall? Then use this simple reverse SSH trick which doesn't require changing your firewall rules.
Working Set Having issues with your compiler? Or during linking? Check these common issues and their solutions. I also list several tools that you can use to get a some useful info.
Consumer + Producer model with libuv Example of a common Multi Threaded Consumer/Producer Model using LibUV.
Parsing binary data Learn about the basic of a binary protocol and how to create one easily yourself.
C++ file operation snippets Reading a file into a string, vector, checking the file size, change to a position, etc. A collection of C++ file operation snippets.
Importance of blur with image gradients Do you want to experiment with OpenGL and aligning Brush Strokes along Image Gradients? Then check out this post about the importance of blurring.
Real-time oil painting with openGL Code snippet for fake "oil painting" effect with OpenGL using instanced rendering.
x264 encoder Basic example on how to use libx264 to encode image data using libav
Generative helix with openGL Screenshots of a project I worked on with that generates a DNA helix.
Mini test with vector field Screenshots while experimenting with a vector field; nothing much to see here.
Protractor gesture recognizer Testing the amazing One Dollar $1 gesture recognizer. The simplest and very good gesture recognizer.
Hair simulation Example code that implements the "Fast Simulation of Inextensible Hair and Fur" paper from M. Müller, T.Y. Kim and N.Chentanez.
Some glitch screenshots Glitch screenshots.
Working on video installation Screenshots of some experiments of a video installation.
Generative meshes I enjoy creating physics based simulations and render them on high res. Here are some experiments I did a time ago.
Converting video/audio using avconv Examples that show you how to use avconv to manipulate video and audio files.
Auto start terminal app on mac Automatically start you application whe Mac boots and make sure that it restarts your app when it exists. Handy for interactive installations.
Export blender object to simple file format Export the selected object in Blender into a .h and .cpp file that prepresents the buffer.