Talk:Port address translation


What is the difference between port forwarding and port address translation? — Omegatron 15:43, August 23, 2005 (UTC)

For the record, it's that port address translation is a method of dynamically assigning source ports from an exposed public IP for connections to a remote server from an internal private IP, whereas port forwarding forwards a destination port on an exposed public IP to an internal server on a private IP, all the time. Nimmo 15:56, 24 June 2006 (UTC)

I still do not understand the distinction. I understand that port forwarding (PF) tends to be a static setup. It can be manipulated by changing firewall rules using a script. For instance, I use PF to enable my web browser at home to maintain devices on my internal work network which have web GUI interfaces. To do this I log into my firewall (Linux box with IP Tables) and run a script to add a rule to forward port 8080 of the public IP to the internal IP address of the device on port 80. When I am done, I run the script again to delete the forwarding. Is this similar to what PAT does automatically? It seems to me that with PAT, something similar goes on, but must be initiated by the device inside the private network. If that is the case, what is it used for? I need a concrete example to understand the benefit/function of PAT and understand how it differs from NAT with port forwarding. To stand alone, the PAT page needs to make this difference clear. If this isn't possible, then it should be merged with NAT as a special case. Atkinson 16:56, 01 March 2007 (UTC)

PAT is NAT with overload. PAT is used in home routers to convert all your different internal private IP addresses to your one public address (the one used on the internet). To manage the difference between all of these conversions something unique is required. As all of the public addresses are the same, a new key must be made. This is where the port comes in, being attached to the end of the IP address. Port forwarding simply forwards all packets from one port to a specific IP address. This is usually implemented through NAT so that yourpublicIP:80 goes to yourprivate:80 (one address to one address). Mathiaus 14:52, 17 May 2007 (UTC)

You cannot merge PAT and Port Forwarding; they are different:

Port Forwarding –

When you tell your router to forward packets to a certain port number, which is associated with an application. For example, you set the TCP port in eMule to port 4210 and then tell your router to forward all packets to eMule via port 4210.

PAT – Port Address Translation

Using inside Global private addresses and converting them to one (or more, depending on your allocation) usable IP address that can be seen on the Internet. This is done with the use of port numbers. For example, if you have been assigned 1 public IP address, 172.80.80.1, you would only be able to use 1 machine to communicate with the outside world. You use PAT with this IP to translate port numbers from PCs inside the network to hold several conversations with the Internet. Adam 27/07/2007 @ 12:30 GMT

They cannot be merged. PAT seems to have varying meanings between manufacturers. For most it means many-to-one type translation as with SOHO routers (this is also called NAT overload, or less specifically but more commonly known as NAT). All internal IPs are translated to one external IP, all internal ports are translated to external ports on that external IP. Port forwarding is a tool used on PAT (aka NAT overload, aka NAT) networks to ensure packets arriving from the internet with a certain destination port are always forwarded to a certain machine on the internal private network. This can be the first communication between the machines and the data will still be forwarded to the correct machine. Psyden 15:50, 9 November 2007 (UTC)

improvement of PAT

give more explanation through diagram and explain it clearly with the help of table showing port address translation —The preceding unsigned comment was added by 220.227.32.101 (talk) 07:19, 17 February 2007 (UTC).

As PAT goes through several steps from beginning to end, an animation of some sort, slowly rolling through the steps, may be more appropriate? This would be able to show exactly what happened and when. Mathiaus 14:52, 17 May 2007 (UTC)

132.190.12.40 00:57, 14 August 2007 (UTC) SamIAM 132.190.12.40 00:57, 14 August 2007 (UTC)

Example:

PAT is a dynamic system - where the first PC sending a request through the PAT device has its data assigned a specific esoteric port number, and a second workstation sending a virtually identical request through the device gets assigned another - different esoteric port number for that transmission.

To the observer the PAT device has just sent 2 similar requests - with the only difference being the port number.

The real benefits become apparent when the requests are answered and return data hits the PAT device, which inspects the incoming data - determines who it's intended for by examining the port number, repackages the data into a reply that the original sender will recognize, and sends the data on to the appropriate host.

Once that data transaction is complete - a new set of data could be sent - and it's entirely possible that the second PC gets assigned the port which was previously used for the first PC.


132.190.12.40 00:57, 14 August 2007 (UTC) SamIAM 132.190.12.40 00:57, 14 August 2007 (UTC)

PAT vs NAT

Some suppliers treat PAT and NAT as distinct. Others use NAT as a cover term including PAT and other types of NAT. The wide availability of broadband NAT routers that actually provide PAT suggests that the term PAT should not be treated as a separate technology but as a type of NAT in line with common experience. Therefore, I suggest that this PAT page be modified to no longer discuss NAT vs PAT as though PAT is not a form of NAT. It would be appropriate to acknowledge that some vendors use the term NAT to refer exclusively to basic NAT, but not all vendors do so. 210.49.9.204 05:26, 3 October 2007 (UTC)

This should be merged into the NAT page; right now it is strongly pushing the POV that NAT means basic NAT, which is not the way the internet standards use the term. Plugwash 09:54, 3 October 2007 (UTC)

I agree with the need for a merge; the terms do get crossed quite a lot, and the only pedantic distinction between them is the OSI level at which they operate. NAT (as put by the RFC and many other authors) is an umbrella term that could be construed to include PAT.

Some examples have been removed in the last edit, since they seemed to get PAT confused with DNAT (basic NAT from external to internal host). Those remaining examples have been assigned to the section and the terminology made consistent (e.g. inside->internal, outside->external etc.) Parallaxed (talk) 21:30, 29 June 2008 (UTC)

--Kvng (talk) 00:06, 2 March 2011 (UTC)

security

  • Security - protocols whose security depends on the randomness of ports may lose their entropy
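
An added illustration, not part of the talk page or of any vendor's implementation: a toy PAT table in Python that keeps the dynamic outbound mappings and a static port forward (the 8080-to-80 rule mentioned in the thread) side by side, and measures how predictable the translated source ports become when the translator allocates them sequentially, even though every internal host picks a random source port. The class, function names and 192.168.0.x addresses are constructed for the example.

```python
import secrets

class PatDevice:
    """Toy many-to-one NAT (PAT) table; no port wrap-around or flow expiry."""

    def __init__(self, sequential, first_port=1024):
        self.sequential = sequential   # True: hand out external ports in order
        self.next_port = first_port
        self.dynamic = {}              # external port -> (internal IP, port)
        self.forwards = {}             # static port-forward rules, same shape

    def add_forward(self, ext_port, int_ip, int_port):
        self.forwards[ext_port] = (int_ip, int_port)

    def outbound(self, int_ip, int_port):
        """Allocate an external source port for a new outbound flow."""
        while True:
            if self.sequential:
                port, self.next_port = self.next_port, self.next_port + 1
            else:
                port = 1024 + secrets.randbelow(65536 - 1024)
            if port not in self.dynamic and port not in self.forwards:
                self.dynamic[port] = (int_ip, int_port)
                return port

    def inbound(self, ext_port):
        """Map an arriving destination port back to an internal endpoint."""
        return self.forwards.get(ext_port) or self.dynamic.get(ext_port)

def guess_rate(ports):
    """Fraction of flows whose external port is the previous one plus one."""
    hits = sum(1 for a, b in zip(ports, ports[1:]) if b == a + 1)
    return hits / (len(ports) - 1)

def run(sequential, flows=200):
    """Send flows from three constructed hosts through a fresh PAT device."""
    pat = PatDevice(sequential)
    pat.add_forward(8080, "192.168.0.10", 80)  # static rule as in the thread
    ext_ports = []
    for i in range(flows):
        host = f"192.168.0.{20 + i % 3}"
        src = 1024 + secrets.randbelow(65536 - 1024)  # host's random source port
        ext_ports.append(pat.outbound(host, src))
    return pat, ext_ports

if __name__ == "__main__":
    for mode in (True, False):
        pat, ports = run(mode)
        print("sequential" if mode else "random", round(guess_rate(ports), 3),
              pat.inbound(8080), pat.inbound(ports[0]))
```

The forwarded port resolves without any prior outbound traffic, while the dynamic entries exist only because an internal host opened a flow; the guess rate shows whether the host's port randomness survives translation.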