NAPT44

Network Address and Port Translation IPv4 to IPv4

Core Network
Introduced in Rel-11
NAPT44 is a specific type of Network Address and Port Translation where both the internal (private) and external (public) address families are IPv4. It is the standard, large-scale NAT function used to map many private IPv4 addresses to a shared pool of public IPv4 addresses, forming the basis of Carrier-Grade NAT.

Description

NAPT44 refers explicitly to the Network Address and Port Translation function where the translation occurs exclusively within the IPv4 address domain. It takes packets originating from UEs with private IPv4 addresses (e.g., from the 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16 ranges) and translates their source IP address and source port number to a public IPv4 address and a unique port from the operator's pool. The '44' suffix denotes IPv4-to-IPv4, distinguishing it from translation mechanisms involving IPv6 (e.g., NAPT64). This is the workhorse technology behind most Carrier-Grade NAT (CGN) deployments in mobile networks.

Operationally, a NAPT44 function, typically embedded in the PGW or UPF, maintains a dynamic mapping table. Each entry correlates a 5-tuple from the internal network (source IP, source port, destination IP, destination port, transport protocol) with a translated 5-tuple used on the external network. For outbound TCP or UDP sessions, it allocates a unique external port for each internal socket, allowing thousands of simultaneous connections from different UEs to be multiplexed onto a single public IP. The translation is bidirectional and stateful; for inbound packets, the destination public IP and port are used as a key to look up the corresponding private IP and port, ensuring correct delivery.

The technical implementation must handle various edge cases: packet fragmentation, ICMP error message translation, and keep-alive mechanisms for long-lived sessions. To support applications that are sensitive to NAT behavior, NAPT44 implementations often include ALGs for specific protocols like SIP, FTP, or RTSP, which modify application payloads to reflect the translated addresses. Furthermore, 3GPP specifications define management interfaces for NAPT44, allowing operators to monitor translation table sizes and bindings, and to configure parameters such as port allocation ranges and session timeouts to optimize resource usage and ensure service continuity.
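The mapping table described above, as an added example that is not taken from 3GPP or any vendor implementation, with the port range and idle timeout as its configurable parameters. The names `Napt44` and `holder_at` and all defaults are assumptions; the sketch keys bindings on the internal socket, omits fragmentation, ICMP and ALGs, and goes slightly beyond the text by replaying the binding log to attribute a public port at a given time.

```python
import ipaddress

# Private ranges named on this page (RFC 1918).
PRIVATE = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class Napt44:
    """Toy binding table for TCP/UDP; names and defaults are illustrative."""

    def __init__(self, public_ip, port_range=(1024, 65535), idle_timeout=120):
        self.public_ip, self.idle_timeout = public_ip, idle_timeout
        self.ports = range(port_range[0], port_range[1] + 1)
        self.out = {}  # (proto, private_ip, private_port) -> external port
        self.inb = {}  # (proto, external_port) -> [private_ip, private_port, last_outbound]
        self.log = []  # (event, time, proto, private_ip, private_port, external_port)

    def _expire(self, now):
        for (proto, ext), (ip, port, seen) in list(self.inb.items()):
            if now - seen > self.idle_timeout:
                del self.inb[(proto, ext)], self.out[(proto, ip, port)]
                # Record the moment the binding timed out, not when we noticed.
                self.log.append(("release", seen + self.idle_timeout, proto, ip, port, ext))

    def outbound(self, proto, src_ip, src_port, now):
        """Translate an outgoing packet's source; returns (public_ip, external_port)."""
        if not any(ipaddress.ip_address(src_ip) in net for net in PRIVATE):
            raise ValueError(f"{src_ip} is not in a private IPv4 range")
        self._expire(now)
        key = (proto, src_ip, src_port)
        if key not in self.out:
            ext = next((p for p in self.ports if (proto, p) not in self.inb), None)
            if ext is None:
                raise RuntimeError("external port range exhausted")
            self.out[key] = ext
            self.inb[(proto, ext)] = [src_ip, src_port, now]
            self.log.append(("create", now, proto, src_ip, src_port, ext))
        self.inb[(proto, self.out[key])][2] = now  # only outbound traffic refreshes
        return self.public_ip, self.out[key]

    def inbound(self, proto, dst_port, now):
        """Reverse lookup; None means no binding exists and the packet is dropped."""
        self._expire(now)
        entry = self.inb.get((proto, dst_port))
        return (entry[0], entry[1]) if entry else None

def holder_at(log, proto, ext_port, when):
    """Attribute a public port at a point in time to a private socket via the log."""
    holder = None
    for event, t, p, ip, port, ext in log:
        if (p, ext) == (proto, ext_port) and t <= when:
            holder = (ip, port) if event == "create" else None
    return holder
```

Because inbound packets do not refresh the timer here, an external host cannot hold a binding open on its own, and because ports are reused after release, attribution needs the timestamp as well as the public port.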

Purpose & Motivation

NAPT44 exists as the standardized, scalable solution to the fundamental economic and technical constraint of IPv4 address exhaustion for mobile network operators. Its primary purpose is to allow a service provider to connect a very large number of subscriber devices to the public IPv4 internet using a relatively small pool of globally unique IPv4 addresses. This directly addresses the problem of the finite IPv4 address space (approximately 4.3 billion addresses) being insufficient for the tens of billions of connected devices.

Before the ubiquitous deployment of NAPT44 in carrier networks, operators faced the untenable choice of acquiring ever more expensive public IPv4 addresses or limiting growth. NAPT44 provided a practical and immediate mitigation strategy. It enabled the use of private IPv4 addressing for the entire subscriber base within the mobile core network, requiring public addresses only at the border translation points. This architectural shift turned a scarce resource (public IPv4 addresses) into a shared, multiplexed resource, dramatically improving address utilization efficiency.

Beyond address conservation, NAPT44 also serves operational purposes. It simplifies network management by creating a clear demarcation between the private service network and the public internet. It can act as a natural policy enforcement point for traffic filtering, lawful interception, and usage-based charging. While it is not a security feature per se, it hides internal network structure from the public side, which provides a basic level of obscurity. Its standardization in 3GPP ensured that all vendors implemented compatible, interoperable, and high-performance CGN solutions, which was critical for maintaining service quality and application compatibility across multi-vendor networks.

Key Features

  • Performs stateful IPv4-to-IPv4 address and port translation for TCP, UDP, and ICMP
  • Core technology enabling Carrier-Grade NAT (CGN) in mobile networks
  • Dynamically allocates ports from a shared pool to multiplex many private IPs onto fewer public IPs
  • Includes support for Application Layer Gateways (ALGs) to assist NAT-sensitive protocols
  • Integrated with policy control to enable/disable translation per APN or subscriber
  • Provides logging and binding information for troubleshooting and regulatory compliance

Evolution Across Releases

Rel-11 Initial

Formally defined and named the NAPT44 function within 3GPP specifications, particularly in the context of IPv4 address continuity solutions. It detailed its role as the specific IPv4-to-IPv4 NAT mechanism for enabling communication for UEs that only have an IPv4 address and are behind a large-scale NAT.

Defining Specifications

Specification    Title
TS 23.975        3GPP TS 23.975