Frequently Asked Question
What is NAT and why does my home network use it?
Network Address Translation lets many machines share a single public IP address.
Your router holds the one public address its ISP gave it; the laptops, phones,
and IoT devices inside the house all have private addresses from
10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16, ranges reserved by RFC 1918
that are never routed on the public internet. When an inside device makes a
connection out, the router rewrites the source address (and usually the source
port) to its public address, remembers the mapping in a table, and rewrites the
replies on the way back.
NAT is a pragmatic workaround for IPv4 exhaustion, not a security feature, even
though it incidentally hides internal hosts behind a single externally visible
address. The same Linux subsystem (netfilter) that powers iptables and
nftables does NAT in the kernel; small home routers are essentially specialised
Linux boxes doing exactly that. IPv6 has enough address space that NAT is
generally unnecessary, and most IPv6 deployments give every device its own
globally routable address.
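
The translation described in the answer above, as an added example: a toy model of the router's mapping table, not netfilter's code and not code from the original page. The names `Napt`, `outbound`, `inbound` and `demo` are hypothetical, and all addresses are constructed from documentation ranges.

```python
import ipaddress

# RFC 1918 private ranges named in the answer above.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

class Napt:
    """Toy port-translating NAT (hypothetical class, not netfilter code)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (in_ip, in_port, dst_ip, dst_port) -> public port
        self.back = {}  # (public port, dst_ip, dst_port) -> (in_ip, in_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of an inside packet; return the new source."""
        if not is_private(src_ip):
            raise ValueError("source is not an RFC 1918 address")
        flow = (src_ip, src_port, dst_ip, dst_port)
        if flow not in self.out:
            # New flow: allocate a public port and remember both directions.
            port, self.next_port = self.next_port, self.next_port + 1
            self.out[flow] = port
            self.back[(port, dst_ip, dst_port)] = (src_ip, src_port)
        return self.public_ip, self.out[flow]

    def inbound(self, src_ip, src_port, dst_port):
        """Map a reply back to the inside host; None means no table entry."""
        return self.back.get((dst_port, src_ip, src_port))

def demo():
    # Constructed sample traffic using documentation address ranges.
    nat = Napt("203.0.113.7")
    a = nat.outbound("192.168.1.20", 51000, "198.51.100.10", 443)
    b = nat.outbound("192.168.1.21", 51000, "198.51.100.10", 443)
    reply = nat.inbound("198.51.100.10", 443, a[1])
    stray = nat.inbound("198.51.100.99", 443, a[1])
    return a, b, reply, stray

if __name__ == "__main__":
    print(demo())
```

The packet from the unrelated remote address is not delivered only because the table has no entry for it, which is the incidental hiding the answer mentions; no filtering policy is involved.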