Network address translation (NAT) involves modifying network address information so that a particular address space can be mapped into a different address space. NAT is typically used in conjunction with network masquerading to hide an entire address space, usually consisting of private network addresses. The private address space remains hidden, e.g. behind a single public IP address, by mapping the private addresses into a single address using a particular set of address translation rules. Outgoing requests generated by clients located in the private network are rewritten by a router upon exiting the private network so that the packets appear to originate from the router.
For example, a client device located in a private network may generate a new HTTP (Hypertext Transfer Protocol) request such as a GET request. The HTTP request includes the destination address of the host server, the client's private IP address, a desired action, etc. The NAT-enabled router coupling the private network to the public network translates the private IP address of the client to the public IP address of the router and sends the modified packet data onto the public network. The packet data is eventually delivered to the host server identified by the destination address included in the HTTP request. The HTTP request is delivered to the host server over a TCP connection established between the host server and the NAT-enabled router. In response, the host server generates an HTTP response which identifies the router as the destination device by using the public IP address of the router. The HTTP response is sent over the public network using the same TCP connection previously established. The router receives the HTTP response, maps the destination address to the client's private IP address using the translation rules and sends the packet data to the client.
Thus, NAT enables private network client devices to communicate with server hosts on an external network by changing the source address of outgoing requests to that of the NAT device and relaying responses back to the client device by undoing the address translation. However, NAT leaves the private network ill-suited to host servers because conventional NAT-enabled devices cannot automatically determine which internal server the incoming requests are destined for. Without a known preexisting connection history, conventional NAT-enabled devices are unable to discern one server from another in a private network and thus cannot readily forward incoming requests to the proper server.
Some NAT traversal techniques require host servers located in a private network and external client devices to register with a rendezvous server located in the public domain. Some conventional rendezvous servers permit the end devices to discover each other so that the devices can eventually directly communicate. Other rendezvous servers act as a gateway, forwarding messages back and forth between the end devices. In each case, registration with a rendezvous server located in the public domain is required. Other NAT traversal techniques require the end devices to “learn” about each other, e.g. through trial-and-error or more deterministic techniques. However, these techniques do not guarantee success and can be unreliable.
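The translation described above, and the reason an unsolicited incoming request has nowhere to go, can be seen in a small model of the router's mapping table. This is an added example, not part of the original text; the class and function names, the port-based mapping table, the starting port 40000 and all addresses are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, TCP port)

@dataclass(frozen=True)
class Packet:
    src: Endpoint
    dst: Endpoint
    payload: str

@dataclass
class NatRouter:
    public_ip: str
    next_port: int = 40000  # assumed start of the router's translation port range
    # public port -> (private endpoint, remote endpoint); this is the connection history
    table: Dict[int, Tuple[Endpoint, Endpoint]] = field(default_factory=dict)

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite the private source to the router's public address."""
        for port, (priv, remote) in self.table.items():
            if priv == pkt.src and remote == pkt.dst:
                break  # reuse the mapping already created for this connection
        else:
            port = self.next_port
            self.next_port += 1
            self.table[port] = (pkt.src, pkt.dst)
        return Packet((self.public_ip, port), pkt.dst, pkt.payload)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Undo the translation; return None when no mapping exists."""
        entry = self.table.get(pkt.dst[1])
        if pkt.dst[0] != self.public_ip or entry is None or entry[1] != pkt.src:
            return None  # no connection history: the router cannot pick an internal host
        return Packet(pkt.src, entry[0], pkt.payload)

def demo():
    # Constructed sample addresses (documentation and private ranges).
    nat = NatRouter(public_ip="203.0.113.1")
    client, server = ("192.168.1.10", 51000), ("198.51.100.7", 80)
    request = nat.outbound(Packet(client, server, "GET / HTTP/1.1"))
    response = nat.inbound(Packet(server, request.src, "HTTP/1.1 200 OK"))
    # Unsolicited request from an external client to a would-be internal server.
    unsolicited = nat.inbound(
        Packet(("198.51.100.99", 60000), ("203.0.113.1", 80), "GET / HTTP/1.1"))
    return request, response, unsolicited

if __name__ == "__main__":
    for item in demo():
        print(item)
```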