NFWare NAT44 Solution for ISPs

What is NAT44

NAT44 feature extends the usage of IPv4 by translating private IPv4 addresses that get allocated in the access network into public IPv4 addresses from a public IPv4 pool.

NAT44 is the NFWare Virtual CGNAT operational mode for mapping each application flow on the customer side to the public IPv4 address and one of its TCP or UDP ports as identified by the combination of a private IPv4 address and a TCP or UDP port. Virtual CGNAT multiplexes the addresses of many inside devices to a single outside address by mapping application flows.

For example, there are no new IPv4 addresses to use. So, a service provider must somehow continue to assign addresses to large numbers of new customers. Furthermore, it is impossible to assign IPv6 addresses right away due to the high cost of the replacement of expensive equipment. NFWare vCGNAT with NAT44 will improve the efficiency of IPv4 address translation.

The NAT44 functionality translates private IPv4 addresses into public IPv4 addresses from a specific pool of public IPv4 addresses to the Virtual CGNAT. Following the NAT44 concept, the public IPv4 addresses are pulled away from the customer site, where their multiplexing capacity is not efficiently exploited, to the outside of the centralized vCGNAT, where many customer networks can share a single public IPv4 address.

NAT44 vs NAT444

While NAT4 is responsible for IPv4 to IPv4 translation, some might have heard the term NAT444.
What’s the difference?

is a generic term meaning travel translation of ran IPv4 address to another IPv4 address. In many contexts, especially when people are differentiating between NAT types (like NAT64, which translates between IPv4 and IPv6), NAT44 essentially means regular NAT as we know it for IPv4 addresses.
Commonly known as "Double NAT", is a method ISPs employ to prolong the usability of IPv4 addresses due to the limited supply and the gradual transition to IPv6. Here, 444 refers to three sets of IPv4 addresses: Customer Private, ISP Private, and Public Internet. In many discussions, particularly among professionals, NAT444 may be abbreviated to NAT44. As seen on this page, when we refer to the mode of Carrier-Grade NAT, we use NAT44 to signify the carrier-grade translation from one IPv4 address to another.

Top Case Scenarios for NAT44 in ISPs Networks

With the depletion of available public IPv4 addresses, NAT444 allows ISPs to accommodate more customers using the same public address.
IPv4 Exhaustion
NAT444 can add an extra layer of obfuscation, making it harder for potential attackers to identify and target specific devices within a user's private network.
Network Security
While IPv6 is the long-term solution to address depletion, the transition can be complex. NAT444 offers a temporary measure, allowing ISPs to continue supporting their IPv4 customers while they gradually move to IPv6.
Delaying IPv6 Transition
Establishing a full-fledged IPv6 infrastructure or purchasing more IPv4 addresses can be costly. NAT444 provides a cost-efficiency allowing to save up to 90% on IPv4 addresses.
Cost Efficiency

Deploying NAT44

The deployment of NAT44, while seeming straightforward, requires a blend of technical acumen, foresight, and strategic planning. Before diving deep into the granular steps of its implementation, it’s essential to grasp the overarching considerations that will shape the deployment, from selecting the right equipment to ensuring seamless user experiences and future scalability.

1. Decide on Your Virtualization Strategy

Determine whether you want to use virtual solutions and commodity x86 servers for the deployment.

2. Choose a Deployment Scenario

Consider the most suitable location for the CGNAT: whether at the network edge or in a centralized position.

3. Determine the Network Configuration

Decide if the CGNAT will filter all traffic or only specific IP traffic to ensure optimal performance.

4. Plan Address Allocation

Determine the number of subscribers that will share a single IPv4 address.

5. Plan Hardware

If opting for a virtual NAT44 solution, ensure your x86 hardware is robust enough to handle the traffic demands.


NFWare’s NAT44 is a solution designed to address the shortage of IPv4 addresses. NFWare specializes in fast and efficient virtual network solutions, with NAT44 standing as a prime example. It’s tailored for service providers, aiming to tackle the IPv4 exhaustion issue and assist them in a seamless transition to IPv6.

An easily scalable solution, ranging from as little as 1 Gbps to 1 Tbps and beyond. Enhance the capacity of CGNAT in alignment with operators' requirements
Thanks to its patented architecture, NFWare can achieve up to 400 Gbps on just an x86 server, utilizing the full potential of the CPU resources
High Performance
NFWare works on top of standard x86 servers, which makes its deployment considerably more cost-effective than hardware-based solutions.
Cost Effective
NFWare has been deployed by both wireless and wireline service providers globally, spanning countries from Brazil and the US to the UK and Australia.
Top choice for ISPs worldwide