What is Dynamic NAT?

Dynamic Network Address Translation (Dynamic NAT) is a method used to dynamically assign public IP addresses from a shared pool to multiple private devices within a local network. 

This approach allows private devices to access public networks, like the internet, without requiring each device to have a permanently assigned public IP address. It offers flexibility and efficient utilization of limited public IP address resources.

 Key Features of Dynamic NAT:

  • Instead of a one-to-one static mapping, Dynamic NAT assigns public IP addresses from a predefined pool.
  • The mapping is temporary and only lasts for the duration of the communication session.
  • The router or NAT device requires a pool of public IP addresses to allocate dynamically.
  • When a device from the private network initiates a connection, the NAT device assigns an available public IP from the pool.
  • Once a private IP is mapped to a specific public IP, all traffic belonging to that session is translated consistently until the session ends.
  • Devices inside the private network are not directly exposed, adding a layer of protection.
  • Since the mapping is temporary, external entities cannot easily predict the public IP address of an internal device.

 How Dynamic NAT Works:

  1. A device in the private network sends data destined for an external public network.
  2. The NAT device intercepts the request and dynamically selects an unused public IP address from the pool.
  3. The NAT device maintains a mapping of the private address and the dynamically assigned public IP.
  4. When the external server responds, the NAT device translates the public IP back to the original private IP and delivers the data to the originating device.
  5. Once the session ends, the public IP is released back into the pool for use by other devices.

 Dynamic NAT and Static NAT:

    • Static NAT: One-to-one mapping between private and public IP addresses. Used for systems requiring a permanent, predictable IP (e.g., servers).
    • Dynamic NAT: Provides temporary mapping based on availability from a public IP pool. It is dynamic and not fixed.
    • Dynamic NAT is especially helpful in conserving public IP addresses while providing temporary and secure internet access for devices on a private network.

     Example:

    While Static NAT maps a local IP address to a fixed public IP address (one-to-one), Dynamic NAT temporarily assigns addresses from a pool of public IP addresses to internal network devices when they need to connect externally. This saves addresses and increases flexibility.

    Suppose you have 2 internal machines:
    Host A: 10.10.10.101
    Host B: 10.10.10.100

    Both want to access a public server at IP 207.163.205.27.
    The edge router performs NAT as follows:

    Host A sends the first packet out:
      • The router checks the NAT table.
      • No static mapping ⇒ dynamic translation is needed.
      • The router selects an IP from the pool, e.g., 207.163.201.7, and temporarily maps it to 10.10.10.101.

    Host B also sends a packet:
      • The router selects a different IP from the pool, e.g., 207.163.201.8, for 10.10.10.100.

    The packets' source addresses are changed:
    10.10.10.101 → 207.163.201.7
    10.10.10.100 → 207.163.201.8

    When the public server responds:
      • A reply sent to 207.163.201.7 is reverse-translated by the router to 10.10.10.101.
      • A reply sent to 207.163.201.8 is reverse-translated by the router to 10.10.10.100.

    Each time an internal host opens a new connection, the router assigns an IP from the pool (if available).
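
The walk-through above, modelled as a small Python simulation (an added example, not part of the original page). The `DynamicNat` class, the hypothetical Host C at 10.10.10.102 and the two-address pool size are assumptions; the model also covers pool exhaustion and reuse of a released address.

```python
import ipaddress

class DynamicNat:
    """Toy model of a dynamic NAT table: one public IP per inside host."""

    def __init__(self, pool):
        self.free = [ipaddress.ip_address(p) for p in pool]  # unused public IPs
        self.out = {}   # private IP -> public IP
        self.back = {}  # public IP -> private IP

    def outbound(self, src, dst):
        """Translate the source of an inside-to-outside packet; None if the pool is empty."""
        src = ipaddress.ip_address(src)
        if src not in self.out:
            if not self.free:
                return None  # pool exhausted: the packet cannot be translated
            pub = self.free.pop(0)
            self.out[src], self.back[pub] = pub, src
        return (str(self.out[src]), dst)

    def inbound(self, src, dst):
        """Translate the destination of a reply; None if no mapping exists."""
        priv = self.back.get(ipaddress.ip_address(dst))
        return None if priv is None else (src, str(priv))

    def release(self, src):
        """Session ended: return the public IP to the pool."""
        pub = self.out.pop(ipaddress.ip_address(src), None)
        if pub is not None:
            del self.back[pub]
            self.free.append(pub)

def demo():
    nat = DynamicNat(["207.163.201.7", "207.163.201.8"])  # pool of two (assumed size)
    server = "207.163.205.27"
    log = [
        nat.outbound("10.10.10.101", server),  # Host A gets the first pool address
        nat.outbound("10.10.10.100", server),  # Host B gets the second
        nat.inbound(server, "207.163.201.7"),  # reply is delivered to Host A
        nat.outbound("10.10.10.102", server),  # hypothetical Host C: pool is empty
    ]
    nat.release("10.10.10.101")                       # Host A's session ends
    log.append(nat.outbound("10.10.10.102", server))  # Host C now receives .7
    log.append(nat.inbound(server, "207.163.201.7"))  # .7 now leads to Host C
    return log

if __name__ == "__main__":
    for entry in demo():
        print(entry)
```

Because 207.163.201.7 belongs first to Host A and later to Host C, attributing traffic seen on the public side to an inside host requires the NAT device's translation records with timestamps.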