In communication networks, a connection between a small home network or Local Area Network (LAN) and a larger network, such as the Internet or a Wide Area Network (WAN), may pass through one or more devices, e.g., a modem or router, generally referred to as a gateway. A gateway may provide a connection to an Internet Service Provider (ISP) and may perform a number of functions such as providing a firewall and Network Address Translation (NAT) for the LAN. Network Address Translation can be used to allow multiple devices with “private” Internet Protocol (IP) addresses on the LAN to share a “public” IP address on the WAN by a process of modifying IP address information in IP packet headers while in transit across a traffic routing device, e.g., a gateway or router. For example, as network traffic (e.g., data packets) passes from the local network to the Internet, the source address in each packet may be translated on the fly from a private address to the public address. The NAT device (e.g., gateway or router) may track packet data about each active connection (particularly the destination address and port) so that, when a reply returns to the NAT device, the NAT uses the connection tracking data it stored during the outbound phase to determine the private address on the internal network to which to forward the reply. (When using the port information, NAT is also referred to as NAPT—Network Address and Port Translation. As used herein, NAT shall refer to both or either of NAT and NAPT unless otherwise specifically noted.) By allowing multiple devices on “private” IP address subnets (such as the LAN in the preceding example) to share “public” addresses, NAT has extended the capabilities of the Internet Protocol version 4 (IPv4) addressing scheme, which might otherwise have run out of available IP addresses long ago (referred to as “address exhaustion”).
The imminent exhaustion of Internet Protocol version 4 (IPv4) address space has Internet Service Providers considering the use of Carrier Grade NAT (CGN), also known as Large Scale NAT (LSN) or NAT444, depending on the various implementations. For example, one use of CGN is known as NAT444 because some customers' connections to public servers may pass through three different IPv4 addressing domains: the customer's own private network, the carrier's private network, and the public Internet. (Conventional NAT is now sometimes referred to as NAT44 by comparison.) Carrier Grade NAT (NAT444, LSN) has been proposed as an approach for mitigating IPv4 address exhaustion and easing the transition to IPv6. A typical application of NAT444 (or LSN) provides a way of permitting the sharing of relatively small pools of public addresses among many end sites—e.g., a residential Local Area Network (LAN) connected to an operator's (e.g., Internet Service Provider) network via a home (customer premises) network gateway—with Network Address Translation between the ISP's network and the public IPv4 addresses being provided by Network Address Translation devices (e.g., Carrier Grade NAT devices) embedded in the network operator's (or ISP's) network. Two levels of Network Address Translation are, thus, provided so that a NAT444 or LSN network configuration may be referred to as a double NAT environment.
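The connection tracking and the double NAT path described above can be sketched as two port-translating NAT devices in series. This is an added example, not part of the original text: the `Napt` class, the two helper functions, and every address and port number are constructed for illustration, and the tracking key (destination address and port) follows the description above.

```python
# Added illustration: two NAPT devices in series (home gateway, then carrier NAT).
# All addresses and port ranges below are constructed sample values.
from dataclasses import dataclass, field
from typing import Optional, Tuple

Endpoint = Tuple[str, int]  # (IPv4 address, port)

@dataclass
class Napt:
    """Port-translating NAT that tracks each active outbound connection."""
    external_ip: str
    next_port: int = 40000
    out: dict = field(default_factory=dict)   # (inside src, dst) -> external port
    back: dict = field(default_factory=dict)  # (external port, dst) -> inside src

    def outbound(self, src: Endpoint, dst: Endpoint) -> Endpoint:
        """Rewrite the source of an outgoing packet and record the mapping."""
        key = (src, dst)
        if key not in self.out:
            port = self.next_port
            self.next_port += 1
            self.out[key] = port
            self.back[(port, dst)] = src
        return (self.external_ip, self.out[key])

    def inbound(self, remote: Endpoint, dst: Endpoint) -> Optional[Endpoint]:
        """Return the inside endpoint for a reply, or None if nothing was tracked."""
        if dst[0] != self.external_ip:
            return None
        return self.back.get((dst[1], remote))

def send_nat444(home: Napt, cgn: Napt, host: Endpoint, server: Endpoint) -> Endpoint:
    """Customer private network -> carrier private network -> public Internet."""
    return cgn.outbound(home.outbound(host, server), server)

def reply_nat444(home: Napt, cgn: Napt, server: Endpoint,
                 public: Endpoint) -> Optional[Endpoint]:
    """Walk a reply back through both NAT levels using their tracking tables."""
    carrier_side = cgn.inbound(server, public)
    return home.inbound(server, carrier_side) if carrier_side else None

if __name__ == "__main__":
    home = Napt("100.64.0.10")                  # gateway address inside carrier network
    cgn = Napt("203.0.113.5", next_port=50000)  # shared public address
    host, server = ("192.168.1.20", 51515), ("198.51.100.7", 443)
    public = send_nat444(home, cgn, host, server)
    print(public, "->", reply_nat444(home, cgn, server, public))
```

Because every end site behind the carrier NAT shares one public address, only the translated port distinguishes their connections, and a packet that matches no tracked connection is not forwarded inward.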