What are NAT Types and How They Impact Online Gaming Experience for Consoles (Switch/PS4)
Depending on your ISP and how your router is set up, you could either enjoy a good online gaming experience or be unable to connect at all.
Network Address Translation, or NAT for short, is a method of grouping local IP addresses behind one global IP address. Every device connected to the internet must have an IP address. This address determines how the network reaches it. When you have a Nintendo Switch connected to your home Wi-Fi router, the Switch actually has a local address, e.g. 192.168.0.10. Another device, such as your smartphone, will have a different address, e.g. 192.168.0.11. These addresses are set up and assigned by your Wi-Fi router. We can call these NAT addresses.
The Wi-Fi router usually connects directly to the ISP, and thus to the internet. The ISP assigns the router an IP address. If you are lucky, you get a public IP address. Otherwise, you may get another internal/NAT address.
If you are lucky enough to have a good ISP, your setup will look like the figure above. When the router connects to the internet through the ISP, it is given a dedicated public IP address, e.g. 172.25.99.34.
Not-So-Lucky Setup
Otherwise, your router at home will be connected to another NAT within the ISP's internal router. Instead of being given a static public IP, your router is given another internal, NAT IP address. This means multiple clients will have the same shared public IP address (172.25.99.34). If your neighbors also use the same ISP, their public IP address when accessing the internet will most likely be the same.
Some ISPs give you a public IP setup for free by default. Others, especially those with a huge number of customers, probably will not. The world's IP addresses are limited and cost money to maintain. You may contact your ISP to find out whether you can actually get a public IP.
NAT Type 1/ A/ Open
Now we come to the differences between NAT types. The first type is called Open NAT.
Whenever the console requests a connection through the Wi-Fi router, the console opens a random local port, e.g. 45008 (ports range from 1 to 65535). The Wi-Fi router, which connects directly to the internet, also opens a random port, e.g. 32145. This open port is accessible by other systems on the internet.
The figure above shows an example where the console is trying to access Google on port 80. The data from Google is sent back from port 80 to port 32145 of the router, and is then forwarded to port 45008 of the console.
For the sake of explanation, I have simplified the port example. Internally, after the client connects to Google on port 80, a random port is chosen by Google, and the client connects to that new port instead. However, this is transparent from outside: the client still sees it as a connection to port 80.
To have Open NAT, you need a public IP address. Because it is open, other internet devices, services, and consoles from anywhere can also access your IP address and connect to port 32145. Secondly, you need a non-strict firewall so that the ports can be reached by any online player out there. Security-wise this is of course concerning, but the risk is lower if you configure the router properly.
NAT Type 2/ B/ Moderate
If you make a connection to Google on port 80, Google can reply and send data from port 80. Google can also open a new port, e.g. 443, to connect to your IP address on port 32145. This is still allowed in Moderate NAT.
However, other addresses and services out there are not allowed to connect to your port 32145, because that port is reserved for and restricted to your connection to Google.
Q: How Are NAT Open and Moderate Reflected in Your Online Gaming Connection?
When you play online multiplayer games with a peer-to-peer (P2P) architecture, either you or one of your friends becomes the host, and the other consoles connect to your IP address.
In the case of Nintendo and Sony PlayStation, the request has to go through their online service first. Hence, the addresses connecting to your console will be the same (i.e. from the Nintendo server). However, they come from different ports: one may come from port 50561 and another from port 48500.
For Open NAT, this is of course possible, since anything can connect to you.
For Moderate NAT, this is still possible because when your console opens a connection to the Nintendo server, it allows Nintendo to connect back to your port from any other port, as long as the connection still comes from Nintendo.
Q: What About NAT Type 3/ C/ Strict?
In the case of Strict NAT, the ISP or router does not allow a connection back from a different port. Hence, if your console opens a connection to nintendo.com on port 80, Nintendo can only send data back from port 80. This makes online multiplayer impossible.
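The three inbound rules described above (Open, Moderate, Strict), modelled as an added example that is not part of the original article. The Router class, the reachability helper and the two remote addresses are constructed for illustration; the console address and port numbers are the article's.

```python
OPEN, MODERATE, STRICT = "open", "moderate", "strict"
# Constructed sample addresses (documentation ranges), not from the article.
SERVER_IP, OTHER_IP = "203.0.113.80", "198.51.100.7"


class Router:
    """Toy NAT router: one translation table plus an inbound filter."""

    def __init__(self, nat_type):
        self.nat_type = nat_type
        self.table = {}  # router public port -> (console endpoint, server endpoint)

    def outbound(self, local, remote, public_port):
        """Console opens a connection; the router records the mapping."""
        self.table[public_port] = (local, remote)

    def inbound(self, src, public_port):
        """Return the console (ip, port) to forward to, or None if dropped."""
        if public_port not in self.table:
            return None  # no mapping, nothing to forward to
        local, remote = self.table[public_port]
        same_host = src[0] == remote[0]
        same_port = src[1] == remote[1]
        if self.nat_type == OPEN:
            allowed = True                     # any host, any port
        elif self.nat_type == MODERATE:
            allowed = same_host                # same host, any source port
        else:
            allowed = same_host and same_port  # only the endpoint contacted
        return local if allowed else None


def reachability(nat_type):
    """Replay the article's port numbers against one NAT type."""
    r = Router(nat_type)
    r.outbound(("192.168.0.10", 45008), (SERVER_IP, 80), 32145)
    return {
        "server:80": r.inbound((SERVER_IP, 80), 32145) is not None,
        "server:443": r.inbound((SERVER_IP, 443), 32145) is not None,
        "other host": r.inbound((OTHER_IP, 50561), 32145) is not None,
    }


if __name__ == "__main__":
    for nat in (OPEN, MODERATE, STRICT):
        print(nat, reachability(nat))
```

The "other host" row is the exposure that Open NAT adds: only in that mode does an unrelated address reach the console through port 32145.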
Q: Looking at the diagram above, it seems even a shared public IP address can get Open NAT?
Theoretically yes, but here is the difference. When you have a dedicated public IP, the ISP hands network responsibility over to your router, including how you manage the firewall. When you have a shared public IP, it is managed by the ISP, which for security reasons will by default not allow a different host to connect to the opened port.
NAT Connection Matrix
- A console with NAT Open can be connected to by any other NAT type.
- A console with NAT Moderate can be connected to by NAT Open and Moderate.
- A console with NAT Strict can only connect to another console with NAT Open. Why is that possible? Because in that case the other console becomes the host and opens the port. The Strict console is the passive one and only needs the outgoing connection.
Q: I am using a 4G/mobile connection. I am able to play mobile games like ML/PUBG, but not with my Nintendo Switch. Why?
The common architecture for online gaming is client-server. This means your phone and the other players' phones only need to connect over the internet to the gaming server, which acts as the main host. Your phone does not need to be reached directly by another phone. NAT issues only apply to P2P games like Mario Kart, Animal Crossing, etc.
Q: I do have a public IP setup, but during the connection test my NAT is B/Moderate?
You will need to reconfigure your router.
Above is an example from a Linksys router. The location of the setting differs per router model, but it should be around the Security or Advanced area. You need to find a menu called DMZ (De-Militarized Zone). There, you specify the IP address or MAC address of your console. On certain routers you may first need to create a permanent mapping of the MAC address to a local IP address in the DHCP menu, and then assign that IP to the DMZ.
This configuration bypasses the router's security restrictions for your console's IP address, so that the console can receive any connection from any address and port on the internet.
— — —
Thank you for reading. Cheers! 🍻