NAT44

Network Address Translation IPv4 to IPv4

Core Network
Introduced in Rel-11
NAT44 is a core network function that translates private IPv4 addresses to public IPv4 addresses, enabling multiple devices within a private network to share a single public IP. It conserves the scarce public IPv4 address space and provides a basic layer of security by hiding internal network topology.

Description

NAT44 operates as a stateful translation mechanism, typically implemented within network gateways such as the Packet Data Network Gateway (PGW) or User Plane Function (UPF) in 3GPP architectures. Its primary function is to map private, non-routable IPv4 addresses (as defined in RFC 1918) used within a subscriber's local network or mobile device to one or more public, globally routable IPv4 addresses assigned to the operator. The process involves modifying the IP header and, for certain protocols, higher-layer payloads (like FTP or SIP) to ensure end-to-end connectivity.

A NAT44 device maintains a translation table that binds the internal private IP address and port number to an external public IP address and port. For outbound packets, it replaces the source private address/port with the public mapping; for inbound packets, it performs the reverse lookup and translation based on the destination port and address. This table is built dynamically from outgoing traffic flows, and entries are typically aged out after a period of inactivity.

In 3GPP networks, NAT44 is crucial for Carrier-Grade NAT (CGN) deployments, allowing mobile network operators to serve a vast number of subscribers with a limited pool of public IPv4 addresses. It integrates with policy control for session management and may interact with an Application Function (AF) for application-specific traversal requirements. While effective for address conservation, it breaks the end-to-end principle of the Internet and can complicate peer-to-peer applications and network-layer security protocols.

Purpose & Motivation

NAT44 was created to address the imminent exhaustion of the global IPv4 address space. As the number of Internet-connected devices exploded, the original 32-bit IPv4 addressing scheme, providing approximately 4.3 billion addresses, proved insufficient. NAT44 allows a single public IP address to be shared among hundreds or thousands of private devices, dramatically extending the utility of the existing IPv4 infrastructure. This provided a critical stopgap solution while the industry prepared for the long-term migration to IPv6. It also offered a secondary benefit of basic network obfuscation, as internal hosts are not directly addressable from the public Internet, providing a simple firewall-like effect. In 3GPP networks, its adoption was driven by the massive scale of mobile broadband subscriptions, where assigning a unique public IPv4 address to every smartphone, tablet, or IoT device became economically and technically impractical. It solved the problem of connecting a rapidly growing user base to the IPv4 Internet without requiring immediate, widespread deployment of IPv6.

Key Features

  • Stateful translation of private IPv4 to public IPv4 addresses
  • Port Address Translation (PAT) to multiplex multiple private sessions onto a single public IP
  • Dynamic creation and management of binding and session entries in a translation table
  • Integration with 3GPP policy and charging control for session-aware NAT
  • Support for Application Layer Gateway (ALG) functions to assist specific protocols (e.g., SIP, FTP)
  • Carrier-Grade scalability for deployment in large service provider networks

Evolution Across Releases

Rel-11 Initial

Introduced NAT44 as a standardized Carrier-Grade NAT (CGN) function within the 3GPP architecture, primarily for the Packet Data Network Gateway (PGW). Defined mechanisms for IPv4 address sharing, session management, and basic logging requirements for traceability, as specified in TS 23.975.
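
The translation table from the Description and the traceability logging noted under Rel-11, modelled together as an added example (not part of the original page and not taken from any 3GPP specification): port address translation with idle aging, reverse lookup, and an allocation log that can be replayed. The class name Nat44, its method names and the log tuple layout are assumptions made for illustration.

```python
import ipaddress
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class Nat44:  # hypothetical name; a teaching model, not a gateway implementation
    def __init__(self, public_ip, ports, idle_timeout):
        self.public_ip, self.idle_timeout = public_ip, idle_timeout
        self.free = list(ports)  # unallocated public ports
        self.out = {}            # (proto, priv_ip, priv_port) -> public port
        self.back = {}           # (proto, public port) -> [priv_ip, priv_port, last_seen]
        self.log = []            # (time, event, proto, priv_ip, priv_port, public port)

    def expire(self, now):  # age out bindings idle for idle_timeout seconds or more
        for key, (ip, port, seen) in list(self.back.items()):
            if now - seen >= self.idle_timeout:
                del self.back[key], self.out[(key[0], ip, port)]
                self.free.append(key[1])
                self.log.append((now, "release", key[0], ip, port, key[1]))

    def outbound(self, proto, src_ip, src_port, now):
        """Return the (public ip, public port) that replaces the private source."""
        if not any(ipaddress.ip_address(src_ip) in n for n in RFC1918):
            raise ValueError("source is not an RFC 1918 address")
        self.expire(now)
        key = (proto, src_ip, src_port)
        if key not in self.out:  # first packet of a flow creates the binding
            if not self.free:
                raise RuntimeError("public port pool exhausted")
            pub = self.free.pop(0)
            self.out[key] = pub
            self.back[(proto, pub)] = [src_ip, src_port, now]
            self.log.append((now, "allocate", proto, src_ip, src_port, pub))
        self.back[(proto, self.out[key])][2] = now  # outbound traffic refreshes the timer
        return self.public_ip, self.out[key]

    def inbound(self, proto, dst_port, now):
        """Reverse lookup; None means no binding exists, so the packet is dropped."""
        self.expire(now)
        entry = self.back.get((proto, dst_port))
        return (entry[0], entry[1]) if entry else None

    def trace(self, proto, pub_port, when):
        """Replay the log: which private endpoint held this public port at time `when`?"""
        holder = None
        for t, event, p, ip, port, pub in self.log:
            if (p, pub) == (proto, pub_port) and t <= when:
                holder = (ip, port) if event == "allocate" else None
        return holder
```

Because aged-out ports return to the pool and are reused, the same public port resolves to different private endpoints at different times, so a traceability lookup needs the timestamp as well as the public address and port.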

Defining Specifications

Specification    Title
TS 23.975        3GPP TS 23.975