NAT Overloading Port Address Translation (PAT)

Overloading is a very popular NAT technique, and is sometimes referred to as Port Address Translation (PAT). Instead of requiring multiple public IP addresses, overloading instead uses a single (or small number) of public address, and differentiates between sessions according to port number. When a client on the internal network wishes to access the Internet, it forwards the request to its configured gateway, the router running NAT. The router will translate the source address and port number of the packet to use the router’s public IP address and the same port number (if not already in use by another client), and will forward the “new” packet to the destination host. NAT mappings are stored in the router’s NAT table, as shown in the table below.

Table: The router’s NAT table shows a session mappings from three different internal clients.

When host attempts to access the web server at address, the request is first passed to the NAT server, where the source address and port number are translated, and a mapping is added to the NAT table. To the external web server, the request appears to be coming from address, TCP port 4085. The web server will send its reply to this address and port number. Once received by the router, it will look in its NAT table, and discover that since the packet’s destination is address TCP port 4085, it should be forwarded to internal host, TCP port 4085. The process is illustrated step-by-step in the figure below.

Figure: The steps involved when an internal client forwards a request to the Internet through a NAT router.

The overloading technique is obviously a very efficient way to implement NAT, since it requires only a single public IP address at a minimum. With thousands of TCP and UDP port numbers available, the technique is capable of supporting many internal clients using private addressing.

Author: Dan DiNicolo

Dan DiNicolo is a freelance author, consultant, trainer, and the managing editor of He is the author of the CCNA Study Guide found on this site, as well as many books including the PC Magazine titles Windows XP Security Solutions and Windows Vista Security Solutions. Click here to contact Dan.