A computer network is a facility by which interconnected computing devices exchange data. Most networks, including the Internet, operate primarily on the basis of the exchange of subdivisions of the data, called packets, which are individually routed across the network from a source device having a source address to a destination device having a destination address. Dividing the data into packets enables the network to be more efficiently used.
The packets are communicated according to a communication protocol that specifies the size and purpose of the data within the packet. The de facto standard for communication in conventional packet-based networks, including the Internet, is the Transmission Control Protocol/Internet Protocol (TCP/IP) in its various versions. An IP packet has a header carrying source and destination information, as well as a payload that carries the actual data.
Due to limitations of the IPv4 standard, not every device using the Internet can be assigned a unique IP address by the Internet Assigned Numbers Authority (IANA). Private networks allow more devices to use the Internet than there are unique IP addresses. Examples of these types of networks are shown in FIGS. 1 and 2. These private networks use Network Address Translation (NAT) to allow devices (A1 . . . AN) in the private network to communicate with other devices (B1 . . . BN, C1 . . . CN) over the Internet or other remote private networks. Gateways 1 between these private networks 4 and the Internet 3 are assigned an IP address by the IANA, and a private network administrator will assign each device (A1 . . . AN, B1 . . . BN, C1 . . . CN) behind the private network, including private network gateways 2 within the private network or sub-network, an IP address in the address ranges reserved for private network use (10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255). These private addresses are then translated by the private network's Internet gateway using NAT so that devices in the private network can access the Internet.
These private addresses, however, are obfuscated to devices outside of the private network. In the example shown in FIG. 1, in data captured between the private networks containing devices A1 . . . AN and B1 . . . BN, traffic originating from device A1 and arriving at device B1 will appear to originate from private network A's NAT and not from A1. That is, A1's address will be translated by private network A's NAT to make it appear that traffic is originating from the NAT rather than A1.
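The translation described above can be illustrated with the following added example, which is not part of the original text. It models private network A's gateway as a simple port-address translator and shows that packets captured outside the network carry only the gateway's address, so that attributing them to A1 requires the gateway's translation table. The class and function names, the port numbering, and all addresses are constructed for illustration.

```python
import ipaddress

# Private ranges listed in the text above, in CIDR form.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_NETS)

class NatGateway:
    """Toy port-address translator for one private network (assumed model)."""
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}   # (private_ip, private_port) -> public_port
        self.in_map = {}    # public_port -> (private_ip, private_port)

    def translate_out(self, pkt):
        """Rewrite the source of an outbound packet as it appears on the wire."""
        if not is_private(pkt["src"]):
            return dict(pkt)            # already public: nothing to rewrite
        key = (pkt["src"], pkt["sport"])
        if key not in self.out_map:     # first packet of a flow: allocate a port
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return {**pkt, "src": self.public_ip, "sport": self.out_map[key]}

    def attribute(self, captured):
        """Map a captured packet back to the internal host, if this NAT sent it."""
        if captured["src"] != self.public_ip:
            return None
        return self.in_map.get(captured["sport"])

def demo():
    # Constructed addresses: 198.51.100.1 stands for network A's gateway,
    # 203.0.113.1 for network B's gateway; 10.0.0.11/12 stand for A1 and A2.
    nat_a = NatGateway("198.51.100.1")
    a1 = {"src": "10.0.0.11", "sport": 51000, "dst": "203.0.113.1", "dport": 443}
    a2 = {"src": "10.0.0.12", "sport": 51000, "dst": "203.0.113.1", "dport": 443}
    wire = [nat_a.translate_out(p) for p in (a1, a2)]
    return nat_a, wire
```

In a capture taken between the two networks, both flows differ only in the translated source port; without the gateway's mapping, A1 and A2 cannot be told apart by address.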