NAT FAQ

Created by Paul Menchini
Last updated: Jun 21, 2023 by Nathan Harmer
2 min read

Network Address Translation (NAT) is a common technique in both enterprise, small/home office and home networks. Its main utility is in preserving the finite (and expensive) pool of public addresses by allowing many devices to use a single public address (in the same way that a company can have multiple telephones behind a switchboard that all can be contacted through a single outside telephone number.

At NCSSM, there are, at any point in time, thousands of devices connected to our network, but we have only a few hundred public addresses available to us. It would be impractically expensive to obtain individual public addresses for each device on our network, so most devices share a single public address. (The rest are reserved for servers and special purposes.)

The process of translating from multiple on-campus addresses to the shared public address is called NAT. Home and small-office routers do the same (on a smaller scale) to allow multiple devices to connect to a single home/small office Internet connection. but there are differences between Enterprise NAT and Home/Small-Office NAT.

NAT Types and Gaming Consoles

The Xbox (and other gaming consoles) recognize three NAT types:

  1. With an OPEN NAT type, you’re able to chat with other people, as well as join and host multiplayer games with people who have any NAT type on their network.

  2. With a MODERATE NAT type, you’re able to chat and play multiplayer games with some people; however, you might not be able to hear or play with others, and normally you won’t be chosen as the host of a match.

  3. With a STRICT NAT type, you’re only able to chat and play multiplayer games with people who have an OPEN NAT type. You can’t be chosen as the host of a match.

At NCSSM, as with all enterprise networks employing NAT, your gaming devices will most likely report using STRICT NAT.

Can you change the NAT type to make it more open?

Unfortunately the NAT type cannot be changed on the NCSSM network. This is not due to a limitation placed by ITS, but by limitations of the gaming devices, and the NAT protocol itself. The Xbox and similar devices were designed for use in a home environment where the designers assumed that it would be the only Xbox on that Internet connection. A more open NAT type depends on all incoming Xbox Live (and similar) traffic being sent to a single device. With the large number of Xbox consoles and similar devices sharing the campus Internet connection, changing the NAT type would not have the desired effect.

Can you enable uPnP or forward port xxxx?

We cannot. uPnP and port forwarding are both designed for consumer style home routers; neither works in large enterprise networks like that of NCSSM. The reasons are the same as for NAT modification: it would forward all traffic for all similar devices to a single device and would not achieve the desired effect.