NAT and ICMP
[!NOTE] This module explores the core principles of NAT and ICMP, deriving solutions from first principles and hardware constraints to build world-class, production-ready expertise.
1. NAT (Network Address Translation)
We ran out of IPv4 addresses years ago. NAT is the primary reason the Internet still works. It allows a single Public IP address (on a router) to represent an entire private network.
How it works (PAT - Port Address Translation)
- Outbound: When your laptop (`192.168.1.10`) sends a request to Google, the router replaces your private IP with its Public IP and assigns a unique Source Port.
- Mapping: The router stores this in a NAT table: `Public:Port <-> Private:Port`.
- Inbound: When Google replies, the router looks up the port in the table and forwards the data back to your laptop.
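The three steps above as a small simulation (an added example, not part of the original module). It also shows two cases the list does not spell out: two private hosts that pick the same source port, and an inbound packet with no table entry, which is dropped. The `PatRouter` class, the port pool starting at 40000 and all addresses other than `192.168.1.10` are assumptions made for the illustration; real routers also key on protocol and expire idle entries.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (ip, port)

@dataclass
class PatRouter:  # hypothetical model of a PAT device
    public_ip: str
    next_port: int = 40000  # assumed start of the translation port pool
    out_map: Dict[Endpoint, int] = field(default_factory=dict)  # private -> public port
    in_map: Dict[int, Endpoint] = field(default_factory=dict)   # public port -> private

    def outbound(self, src: Endpoint, dst: Endpoint) -> Tuple[Endpoint, Endpoint]:
        """Rewrite the source of an outgoing packet, creating a mapping if needed."""
        if src not in self.out_map:
            if self.next_port > 65535:
                raise RuntimeError("translation port pool exhausted")
            self.out_map[src] = self.next_port
            self.in_map[self.next_port] = src
            self.next_port += 1
        return (self.public_ip, self.out_map[src]), dst

    def inbound(self, src: Endpoint, dst: Endpoint) -> Optional[Tuple[Endpoint, Endpoint]]:
        """Rewrite the destination of a reply; None means no mapping, so drop."""
        if dst[0] != self.public_ip or dst[1] not in self.in_map:
            return None
        return src, self.in_map[dst[1]]

def demo():
    router = PatRouter(public_ip="203.0.113.5")  # constructed address
    server = ("198.51.100.7", 443)               # constructed address
    # Two laptops pick the same source port; PAT must keep them apart.
    a_out, _ = router.outbound(("192.168.1.10", 51000), server)
    b_out, _ = router.outbound(("192.168.1.11", 51000), server)
    reply_a = router.inbound(server, a_out)
    reply_b = router.inbound(server, b_out)
    # No host ever sent from public port 45000, so there is nothing to forward to.
    unsolicited = router.inbound(server, ("203.0.113.5", 45000))
    return a_out, b_out, reply_a, reply_b, unsolicited

if __name__ == "__main__":
    for item in demo():
        print(item)
```

The dropped unsolicited packet is why a NAT table behaves like an implicit inbound filter, although it is not a substitute for an explicit firewall policy.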
2. ICMP (Internet Control Message Protocol)
ICMP is used by network devices to send error messages and operational information. It has no "Ports" (unlike TCP/UDP).
Common ICMP Tools
- Ping: Uses `Echo Request` and `Echo Reply` to test if a host is reachable and determine latency.
- Traceroute: Uses the TTL (Time to Live) field in IP packets to identify every router in the path to a destination.
  - Router 1: TTL=1, expires, sends `Time Exceeded` message.
  - Router 2: TTL=2, expires, sends `Time Exceeded` message.
3. Interactive: The NAT Table
Watch the address swap in real-time.
[Interactive demo not shown. Initial state: laptop 192.168.1.10; Router (NAT) with an empty table; cloud labelled "Public IP: 8.8.8.8"; status "Waiting for outbound traffic...".]
4. Common ICMP Errors
- Destination Unreachable: The network or host cannot be found.
- Time Exceeded: The TTL reached 0 before the packet reached its destination (prevents infinite loops).
- Redirect: A router tells a host there is a better path to a specific destination.