
NAT - Network Address Translation, Types & Port Forwarding


Imagine your home network with multiple devices sharing a single public IP address to access the internet seamlessly without conflicts.

💡 Many beginners confuse NAT with just IP masking or think NAT only hides IP addresses, missing its role in routing and port management.
📋
Interview Question

Explain what Network Address Translation (NAT) is, describe its main types (SNAT, DNAT, PAT), and explain how port forwarding works.

  • Purpose and function of NAT in IPv4 networks
  • Differences between Source NAT (SNAT), Destination NAT (DNAT), and Port Address Translation (PAT)
  • How port forwarding enables external access to internal network services
💡
Scenario & Trace
Scenario: A home router allows multiple devices to access the internet using one public IP address.
Each device has a private IP; when a device sends a request, the router replaces the private source IP with its public IP and assigns a unique source port (PAT). When the response returns, the router uses the port mapping to forward the packet back to the correct internal device.
Scenario: A company wants to allow external users to access an internal web server hosted on a private IP.
The router uses DNAT to translate incoming packets destined for the public IP and a specific port to the private IP and port of the internal web server, enabling external access without exposing the internal IP.
  • What happens if two internal devices try to use the same source port simultaneously in PAT?
  • How does NAT handle protocols that embed IP addresses in the payload (e.g., FTP)?
  • What occurs when port forwarding is set up for a service but the internal server is offline?
⚠️
Common Mistakes
Thinking NAT only hides IP addresses without changing ports

Interviewer doubts your understanding of PAT and session multiplexing

Explain that PAT changes both IP and port to allow multiple sessions

Confusing SNAT and DNAT as the same thing

Interviewer sees lack of clarity on direction and purpose of translation

Clarify SNAT modifies source IP for outgoing traffic; DNAT modifies destination IP for incoming traffic

Assuming port forwarding exposes internal IPs directly

Interviewer questions your grasp of security implications

Explain port forwarding translates public IP and port to private IP and port without exposing internal IP externally

Ignoring how NAT handles protocols with embedded IP addresses

Interviewer suspects you lack practical knowledge of NAT limitations

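Mention that protocols like FTP require special handling by an application-level gateway (ALG), because plain NAT rewrites only packet headers and cannot rewrite IP addresses embedded in the payload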

🧠
Basic Definition - What It Is
💡 This is the minimum you must know to explain NAT in any interview.

Intuition

NAT translates private IP addresses to a public IP address so multiple devices can share one internet connection.

Explanation

Network Address Translation (NAT) is a technique used in IPv4 networks to map multiple private IP addresses within a local network to a single public IP address for communication over the internet. It helps conserve public IP addresses and adds a layer of security by hiding internal IPs. The most common form is when a home router translates all internal device IPs to its single public IP.

Memory Hook

💡 Think of NAT as a receptionist who forwards calls from one public phone number to multiple internal extensions.

Interview Questions

What is the primary purpose of NAT?
  • Conserves public IPv4 addresses by sharing one IP among many devices
  • Hides internal network structure for security
Depth Level
Interview Time: 30 seconds
Depth: basic

Covers the fundamental concept and purpose of NAT, sufficient for screening rounds.

Interview Target: Minimum floor - never go below this

Knowing only this will help you pass initial screening but not detailed technical rounds.

🧠
Mechanism Depth - How It Works
💡 This is what product companies expect you to understand and explain clearly.

Intuition

NAT modifies IP addresses and ports in packet headers to enable multiple devices to communicate externally using a single public IP.

Explanation

NAT operates by rewriting the source or destination IP addresses and sometimes ports in IP packet headers as they pass through a router or firewall. Source NAT (SNAT) changes the source IP of outgoing packets from private to public IP, enabling devices to access the internet. Destination NAT (DNAT) modifies the destination IP of incoming packets to route them to the correct internal device, often used in port forwarding. Port Address Translation (PAT), a form of SNAT, also changes source ports to uniquely identify sessions, allowing many devices to share one public IP simultaneously. NAT maintains a translation table to track these mappings and correctly route return traffic. Port forwarding is a DNAT application where specific external ports are mapped to internal IPs and ports, enabling external access to services like web servers inside a private network.
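The translation table described above, as an added example that is not part of the original page: a toy NAT device that performs SNAT with PAT on outbound packets, DNAT for static port forwards and return traffic, and drops inbound packets that have no mapping. The class and method names, the port pool and all addresses are constructed for illustration.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class NatDevice:
    def __init__(self, public_ip, first_port=40000, last_port=40003):
        self.public_ip = public_ip
        self.free = list(range(first_port, last_port + 1))  # PAT port pool
        self.pat = {}       # (proto, private ip, private port) -> public port
        self.reverse = {}   # (proto, public port) -> (private ip, private port)
        self.forwards = {}  # static DNAT rules, same shape as self.reverse

    def add_port_forward(self, proto, public_port, private_ip, private_port):
        self.forwards[(proto, public_port)] = (private_ip, private_port)

    def outbound(self, pkt):
        """SNAT with PAT: rewrite source IP and port, recording the mapping."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        if key not in self.pat:
            if not self.free:
                return None  # pool exhausted: the new session cannot be translated
            port = self.free.pop(0)
            self.pat[key] = port
            self.reverse[(pkt.proto, port)] = (pkt.src_ip, pkt.src_port)
        return pkt._replace(src_ip=self.public_ip, src_port=self.pat[key])

    def inbound(self, pkt):
        """DNAT: static forwards first, then replies to PAT sessions, else drop."""
        key = (pkt.proto, pkt.dst_port)
        target = self.forwards.get(key) or self.reverse.get(key)
        if pkt.dst_ip != self.public_ip or target is None:
            return None  # no mapping: unsolicited traffic goes nowhere
        return pkt._replace(dst_ip=target[0], dst_port=target[1])

if __name__ == "__main__":
    nat = NatDevice("203.0.113.5")  # constructed documentation addresses
    nat.add_port_forward("tcp", 8080, "192.168.1.20", 80)
    # Two hosts pick the same source port; PAT gives each its own public port.
    for host in ("192.168.1.10", "192.168.1.11"):
        print(nat.outbound(Packet("tcp", host, 51000, "198.51.100.7", 443)))
    print(nat.inbound(Packet("tcp", "198.51.100.99", 33333, "203.0.113.5", 8080)))
    print(nat.inbound(Packet("tcp", "198.51.100.99", 33333, "203.0.113.5", 22)))
```

The inbound lookup here is keyed on protocol and public port only; real devices often also match the remote endpoint before forwarding a reply.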

Memory Hook

💡 Imagine a hotel concierge who not only forwards calls but also assigns unique room numbers (ports) to guests sharing the same phone line (IP).

Interview Questions

How does PAT allow multiple devices to share one public IP?
  • By translating both source IP and source port of outgoing packets
  • Assigns unique source ports to distinguish sessions
  • Maintains a NAT table to map ports back to internal IPs
Explain how port forwarding works using DNAT.
  • Incoming packets to a public IP and port are translated to a private IP and port
  • Allows external users to access internal services securely
  • Requires static mapping in the NAT device
Depth Level
Interview Time: 2-3 minutes
Depth: intermediate

Demonstrates understanding of NAT internals, types, and practical applications like port forwarding.

Interview Target: Target level for FAANG on-sites

Mastering this level distinguishes you from most candidates and prepares you for detailed technical discussions.

📊
Explanation Depth Levels
💡 Choose your explanation depth based on interview stage and company expectations.
Level | Interview Time | Suitable For | Risk
Basic Definition | 30s | Screening call or initial rounds | Too shallow for on-site or deep technical rounds
Mechanism Depth | 2-3 minutes | On-site interviews at FAANG and top tech companies | Requires good understanding; missing details may lose points
💼
Interview Strategy
💡 Use this guide to structure your explanation and anticipate common questions during mock interviews.

How to Present

  • Start with a clear definition of NAT and its purpose
  • Give a relatable example or analogy (e.g., home router sharing one IP)
  • Explain the different types of NAT: SNAT, DNAT, and PAT
  • Describe how port forwarding works and why it is useful
  • Mention common edge cases or challenges with NAT

Time Allocation

Definition: 30s → Example: 1min → Mechanism: 2min → Edge cases: 30s. Total ~4min

What the Interviewer Tests

Your ability to clearly explain NAT's purpose, mechanisms, and practical use cases, plus handling of tricky scenarios like port conflicts or protocol issues.

Common Follow-ups

  • What happens if two devices try to use the same source port in PAT? → The NAT device assigns different external ports to avoid conflict.
  • How does NAT affect protocols that embed IP addresses in payloads? → Special handling or application-level gateways are needed.
💡 These follow-ups test your deeper understanding and ability to handle real-world NAT challenges.
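The embedded-address problem from the second follow-up, as an added example that is not part of the original page: in FTP active mode the client sends `PORT h1,h2,h3,h4,p1,p2` inside the TCP payload, so header-only NAT leaves the private address in place and the server cannot connect back. The sketch below parses that command and rewrites it the way an ALG would; the function names and sample values are constructed.

```python
import re

# Strict match of an FTP active-mode command: PORT h1,h2,h3,h4,p1,p2
PORT_RE = re.compile(
    rb"PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n")

def parse_port_command(payload):
    """Return the (ip, port) advertised inside the payload, or None."""
    m = PORT_RE.fullmatch(payload)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def alg_rewrite(payload, src_ip, public_ip, public_port):
    """Rewrite the embedded endpoint the way an FTP ALG would.

    Only rewrites when the advertised address matches the packet's source;
    anything else is passed through untouched. A real ALG would also record
    public_port -> (src_ip, advertised port) for the data connection and
    adjust TCP sequence numbers when the payload length changes.
    """
    parsed = parse_port_command(payload)
    if parsed is None or parsed[0] != src_ip:
        return payload
    host = public_ip.replace(".", ",")
    return f"PORT {host},{public_port >> 8},{public_port & 0xFF}\r\n".encode("ascii")

# Constructed sample: 192.168.1.10 asks the server to connect back to port 51000.
SAMPLE = b"PORT 192,168,1,10,199,56\r\n"

if __name__ == "__main__":
    print(parse_port_command(SAMPLE))
    print(alg_rewrite(SAMPLE, "192.168.1.10", "203.0.113.5", 40000))
```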
🔍
Pattern Recognition

When to Use

When asked about IP address management, internet access for private networks, or firewall/router configurations.

Signature Phrases

  • 'Explain Network Address Translation'
  • 'Compare SNAT vs DNAT'
  • 'What happens when multiple devices share one public IP?'

NOT This Pattern When

Similar Problems

Practice

1. Trace the sequence of DNS queries when a browser requests 'www.example.com' and the local DNS cache is empty. Which of the following correctly describes the order of servers queried?
easy
A. Local resolver -> Recursive DNS server -> Root DNS server -> TLD DNS server -> Authoritative DNS server
B. Local resolver -> TLD DNS server -> Root DNS server -> Recursive DNS server -> Authoritative DNS server
C. Local resolver -> Root DNS server -> Recursive DNS server -> TLD DNS server -> Authoritative DNS server
D. Local resolver -> Recursive DNS server -> Authoritative DNS server -> Root DNS server -> TLD DNS server

Solution

  1. Step 1: Start at local resolver

    The browser asks the local resolver, which forwards to the recursive DNS server if cache is empty.
  2. Step 2: Recursive DNS server queries root server

    The recursive server queries the root DNS server to find the TLD server for '.com'.
  3. Step 3: Recursive server queries TLD server

    Root server directs to TLD server, which is then queried for 'example.com'.
  4. Step 4: Recursive server queries authoritative server

    TLD server directs to authoritative DNS server for 'example.com', which returns the IP.
  5. Final Answer:

    Option A
  6. Quick Check:

    Order matches DNS resolution hierarchy and recursive query flow -> correct
Hint: Recursive DNS server queries root -> TLD -> authoritative servers in order.
Common Mistakes:
  • Misplacing root server query after authoritative server
  • Confusing order of recursive and root server queries
  • Assuming local resolver queries root server directly
2. In which scenario is the TCP three-way handshake essential before data transmission begins?
easy
A. When broadcasting a message to multiple hosts on a local network
B. When establishing a reliable connection-oriented session between two hosts
C. When sending a single UDP datagram to a remote host
D. When encrypting data packets for secure transmission

Solution

  1. Step 1: Identify the purpose of the handshake

    The TCP three-way handshake is designed to establish a reliable, connection-oriented session between two hosts before data transfer.
  2. Step 2: Analyze each option

    Option C (sending a single UDP datagram to a remote host) is incorrect because UDP is connectionless and does not use a handshake. Option A (broadcasting a message to multiple hosts on a local network) is incorrect because broadcasting does not require connection establishment. Option D (encrypting data packets for secure transmission) is unrelated to connection setup; encryption is a separate process.
  3. Final Answer:

    Option B
  4. Quick Check:

    Only TCP connections require this handshake to ensure reliability and synchronization.
Hint: TCP handshake = reliable connection setup, not for UDP or broadcast
Common Mistakes:
  • Confusing TCP handshake with UDP communication
  • Assuming handshake is needed for broadcast or encryption
3. Why might DHCP not be suitable for assigning IP addresses in a network with extremely high client churn and very short connection durations?
medium
A. Because the overhead of frequent DHCP Discover and Request messages can cause network congestion
B. Because DHCP cannot assign IP addresses dynamically in such environments
C. Because DHCP servers do not support IP address leasing
D. Because clients must manually configure IP addresses in such cases

Solution

  1. Step 1: Understand DHCP overhead

    Each new client connection triggers the DORA sequence, which adds network traffic.
  2. Step 2: Analyze impact of high churn

    Frequent IP requests can overload the DHCP server and increase broadcast traffic, causing congestion.
  3. Step 3: Evaluate other options

    Option B (DHCP cannot assign IP addresses dynamically in such environments) is false; DHCP is designed for dynamic assignment. Option C (DHCP servers do not support IP address leasing) is incorrect; DHCP supports leasing. Option D (clients must manually configure IP addresses in such cases) is unrelated to DHCP limitations.
  4. Final Answer:

    Option A
  5. Quick Check:

    High churn leads to excessive DHCP message overhead.
Hint: High churn -> many DHCP messages -> potential congestion
Common Mistakes:
  • Believing DHCP cannot assign dynamically in such cases
  • Confusing DHCP leasing with static assignment
  • Assuming manual configuration is required when DHCP is unsuitable
4. Which of the following statements about the TCP connection termination process is INCORRECT?
medium
A. The connection closes immediately after the first FIN packet is sent
B. Either side can initiate termination by sending a FIN packet
C. Connection termination requires four steps involving FIN and ACK packets from both sides
D. After termination, both sides enter a TIME_WAIT state to ensure all packets are received

Solution

  1. Step 1: Review TCP termination steps

    Termination involves a four-step exchange: FIN from initiator, ACK from receiver, FIN from receiver, ACK from initiator.
  2. Step 2: Analyze each statement

    Option C (connection termination requires four steps involving FIN and ACK packets from both sides) is correct; it describes the four-step process. Option B (either side can initiate termination by sending a FIN packet) is correct; either side can initiate. Option D (after termination, both sides enter a TIME_WAIT state to ensure all packets are received) is correct; TIME_WAIT ensures delayed packets are handled. Option A (the connection closes immediately after the first FIN packet is sent) is incorrect because the connection does not close immediately after the first FIN; it requires the full handshake.
  3. Final Answer:

    Option A
  4. Quick Check:

    Termination is a multi-step process, not instantaneous.
Hint: Termination = 4 steps, not immediate close after FIN
Common Mistakes:
  • Assuming connection closes right after first FIN
  • Thinking only server can initiate termination
  • Ignoring TIME_WAIT state
5. If a network uses IPv6-only hosts but needs to access IPv4-only services, which transition technique would best handle DNS resolution and packet translation without requiring dual-stack on hosts?
hard
A. Dual-stack deployment on all hosts
B. Tunneling IPv6 packets over IPv4 infrastructure
C. NAT64 combined with DNS64 to translate DNS queries and packets
D. Manual static mapping of IPv6 addresses to IPv4 addresses

Solution

  1. Step 1: Understand the scenario

    IPv6-only hosts need to reach IPv4-only services without dual-stack.
  2. Step 2: Analyze options

    Option A (dual-stack deployment on all hosts) requires dual-stack, which is excluded. Option B (tunneling IPv6 packets over IPv4 infrastructure) tunnels IPv6 over IPv4 but does not solve DNS translation. Option C (NAT64 combined with DNS64) correctly combines NAT64 (packet translation) and DNS64 (DNS query translation) to enable IPv6-only hosts to access IPv4 services transparently. Option D (manual static mapping of IPv6 addresses to IPv4 addresses) is impractical and not scalable.
  3. Final Answer:

    Option C
  4. Quick Check:

    NAT64/DNS64 enables IPv6-only hosts to access IPv4 services without dual-stack.
Hint: NAT64 + DNS64 = IPv6-only hosts reach IPv4 services
Common Mistakes:
  • Assuming tunneling solves DNS translation
  • Thinking dual-stack is mandatory for IPv6-to-IPv4 access
  • Believing manual mappings are practical