NAT - ports used for translation

Network Address Translation (NAT) in its overload form (Port Address Translation, PAT) uses Transport Layer port numbers, such as those of TCP and UDP, to map many inside addresses onto a single outside address. A Transport Layer port number is a 16-bit value that normally identifies the application a particular communication belongs to, so the full range of port numbers runs from 0 to 65535.

Technically, NAT can use any port that is not currently in use for its translations, as long as that does not conflict with a service on the outside address that needs that particular port. Many NAT implementations allocate from the range 49152 to 65535, which IANA designates as the Dynamic or Private ports (RFC 6335): IANA does not assign them to specific services, so any application is free to use them. Implementations vary, though. Cisco IOS PAT, for example, first tries to preserve the original inside source port and only picks a different one when that port is already in use, so the outside ports in use are not confined to the dynamic range.

Thus, with that range, NAT can hold at most 16384 concurrent translations per transport protocol on one outside address (65535 - 49152 + 1). The limit is on simultaneous translation entries, not on inside addresses: an inside host with ten open TCP connections consumes ten outside ports. Whether the same outside port can be reused for flows toward different destinations depends on the implementation. In most deployments the memory and CPU of the NAT router are exhausted well before the ports are, and the port limit is normally only reached with Carrier-Grade NAT, where thousands of devices share an outside address. One caveat worth knowing: a single inside host that opens tens of thousands of connections (a port scanner, a misbehaving application, or malware) can exhaust the pool on its own and deny translation to every other inside host, which is why RFC 6888 requires a CGN to be able to limit the number of external ports assigned per subscriber.
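The arithmetic above, worked through as an added example (this is not code from the page, from networklessons.com, or from any vendor). It models a generic PAT translation table: each new inside flow gets one outside port, ports must be unique per transport protocol, the inside source port is kept when it is free (port preservation), and the pool is the IANA dynamic range. The outside address, inside addresses and port-reuse policy are constructed assumptions; real NATs differ in the range they allocate from and in whether a port can be reused toward different destinations.

```python
"""Simulation of NAT overload (PAT) port allocation from the IANA dynamic range.

Added example, not from the original page. The translation-table model
(one outside port per inside flow, unique per transport protocol, port
preservation attempted first) is an assumption about a generic NAT.
"""
from typing import Dict, Set, Tuple

# IANA dynamic/private range, RFC 6335.
DYNAMIC_PORT_MIN = 49152
DYNAMIC_PORT_MAX = 65535

# (proto, inside_ip, inside_port, dst_ip, dst_port)
Flow = Tuple[str, str, int, str, int]


class PortExhausted(Exception):
    """Raised when no outside port is left for the given transport protocol."""


class PatTable:
    def __init__(self, outside_ip: str,
                 port_min: int = DYNAMIC_PORT_MIN,
                 port_max: int = DYNAMIC_PORT_MAX) -> None:
        self.outside_ip = outside_ip
        self.port_min = port_min
        self.port_max = port_max
        self.entries: Dict[Flow, Tuple[str, int]] = {}
        self._used: Dict[str, Set[int]] = {}   # proto -> outside ports in use
        self._cursor: Dict[str, int] = {}      # proto -> next port to try

    def capacity(self) -> int:
        """Outside ports available per transport protocol (16384 by default)."""
        return self.port_max - self.port_min + 1

    def in_use(self, proto: str) -> int:
        return len(self._used.get(proto, ()))

    def translate(self, proto: str, inside_ip: str, inside_port: int,
                  dst_ip: str, dst_port: int) -> Tuple[str, int]:
        """Return (outside_ip, outside_port) for a flow, allocating if it is new."""
        key: Flow = (proto, inside_ip, inside_port, dst_ip, dst_port)
        if key in self.entries:
            return self.entries[key]
        used = self._used.setdefault(proto, set())
        if len(used) >= self.capacity():
            raise PortExhausted(f"no free {proto} ports on {self.outside_ip}")
        # Port preservation: keep the inside port if it lies in the pool and is free.
        if self.port_min <= inside_port <= self.port_max and inside_port not in used:
            port = inside_port
        else:
            port = self._next_free(used, proto)
        used.add(port)
        self.entries[key] = (self.outside_ip, port)
        return self.entries[key]

    def _next_free(self, used: Set[int], proto: str) -> int:
        port = self._cursor.get(proto, self.port_min)
        for _ in range(self.capacity()):
            if port not in used:
                self._cursor[proto] = self.port_min if port == self.port_max else port + 1
                return port
            port = self.port_min if port == self.port_max else port + 1
        raise PortExhausted(f"no free {proto} ports on {self.outside_ip}")

    def release(self, proto: str, inside_ip: str, inside_port: int,
                dst_ip: str, dst_port: int) -> None:
        """Drop a translation, as a real NAT does on timeout or TCP FIN/RST."""
        outside = self.entries.pop((proto, inside_ip, inside_port, dst_ip, dst_port), None)
        if outside is not None:
            self._used[proto].discard(outside[1])


def flows_until_exhausted(table: PatTable, proto: str, inside_ip: str,
                          dst_ip: str, dst_port: int) -> int:
    """Open flows from ONE inside host until the pool is empty; return how many fit.

    Inside source ports start at 1024, so none land in the dynamic pool and
    every flow needs a freshly allocated outside port. This is the single-host
    exhaustion case: one chatty host consumes the whole pool.
    """
    count = 0
    while True:
        try:
            table.translate(proto, inside_ip, 1024 + count, dst_ip, dst_port)
        except PortExhausted:
            return count
        count += 1


if __name__ == "__main__":
    # Addresses are constructed from documentation prefixes (RFC 5737).
    nat = PatTable("203.0.113.1")
    print("pool size per protocol:", nat.capacity())
    n = flows_until_exhausted(nat, "tcp", "10.0.0.5", "198.51.100.7", 443)
    print("one inside host exhausted the TCP pool after", n, "flows")
    # Ports are per transport protocol, so UDP still translates.
    print("UDP still works:", nat.translate("udp", "10.0.0.5", 53000, "198.51.100.53", 53))
```

Running it shows the pool size of 16384, a single inside host consuming all of it with ordinary client connections, and UDP translation continuing because the per-protocol pools are independent. Changing `port_min` and `port_max` lets you see how a wider range (as some implementations use) raises the ceiling.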

Links:

https://forum.networklessons.com/t/cisco-asa-dynamic-nat-configuration/813/66?u=lagapides

https://networklessons.com/cisco/ccie-routing-switching/introduction-to-nat-and-pat
