By Charles Miller
“So what is a router?” you ask. More specifically, what is a “natting router?” Network Address Translation (NAT) is what a router does. Your ISP (Internet Service Provider), such as Megacable, Telmex, or another company, provides you with only one IP address, known as your “public IP.” A router is the equipment that allows you to take that one IP address assigned to you by your ISP and connect more than one device to it. That is good because nowadays all of us seem to want more than just one internet-connected device in our homes.
One of my clients, a modern, tech-savvy user, has more than 50 internet-connected devices in his house; and it is not an overstatement to say that is fast becoming typical. When you add up three computers, two smartphones, two printers, three smart TVs, a music system with half a dozen speakers, a thermostat, a garage door opener, some security cameras, and several dozen internet-connected light bulbs, then the total number of devices adds up quickly. Each and every one of them requires its own unique IP address. So, if your ISP only allows you one IP address connected to the internet, how then can you possibly connect more than one of those devices to the internet?
The answer is a router, which allows all of the devices inside your house to take turns using the one outside connection to the internet. It does so by monitoring the one connection to the outside, and routing data packets to and from the correct device inside. The router works so incredibly fast that no device on the local network must wait more than a few milliseconds for a connection.
In addition to permitting you to have many devices connected to one internet connection, routers also provide an important protective function. We all know the internet is teeming with malware and all manner of dangerous stuff we do not want to let into our home. By the simple expedient of strict NAT traversal rules, a router provides a great deal of protection against the bad stuff found online.
NAT traversal is straightforward, simple, and elegant. Routers only accept incoming connections from remote IPs that recently received outbound traffic from you. In other words, if you search for something on google.com the router will let the answer come in. But if some malware comes knocking on your door unsolicited and pretending to be google.com, that connection should be refused by your router because you did not initiate the contact. That is an oversimplification, but most unsolicited traffic, including attempts to infect devices on your home network, is effectively blocked by your router.
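For readers who like to see the idea in code, here is the sharing and filtering behavior described above as a small Python model. It is an added illustration, not code from this column or from any real router; the class name, the 120-second timeout, the port numbers, and all addresses are made up for the example.

```python
import time

class NatRouter:
    """Toy model of a home NAT router that filters by remote IP address."""

    def __init__(self, public_ip, timeout=120.0, clock=time.monotonic):
        self.public_ip = public_ip
        self.timeout = timeout    # seconds outbound traffic counts as "recent" (assumed)
        self.clock = clock
        self.next_port = 40000    # next free public-side port (assumed range)
        self.by_inside = {}       # (inside_ip, inside_port) -> public_port
        self.by_public = {}       # public_port -> (inside_ip, inside_port)
        self.last_out = {}        # (public_port, remote_ip) -> time of last outbound packet

    def outbound(self, inside_ip, inside_port, remote_ip):
        """A device inside sends a packet out; return the rewritten source address."""
        key = (inside_ip, inside_port)
        if key not in self.by_inside:
            self.by_inside[key] = self.next_port
            self.by_public[self.next_port] = key
            self.next_port += 1
        public_port = self.by_inside[key]
        self.last_out[(public_port, remote_ip)] = self.clock()
        return (self.public_ip, public_port)

    def inbound(self, remote_ip, public_port):
        """A packet arrives from outside; return the inside device, or None if refused."""
        sent = self.last_out.get((public_port, remote_ip))
        if sent is None or self.clock() - sent > self.timeout:
            return None           # unsolicited or too old: the router drops it
        return self.by_public[public_port]

def demo():
    """Constructed scenario: one laptop, one web server, one uninvited stranger."""
    now = [0.0]                   # fake clock so the timeout can be shown without waiting
    r = NatRouter("203.0.113.7", clock=lambda: now[0])
    _, port = r.outbound("192.168.1.20", 51000, "198.51.100.10")  # laptop asks a server
    reply = r.inbound("198.51.100.10", port)      # the answer is let in
    stranger = r.inbound("192.0.2.66", port)      # nobody contacted this address
    now[0] = 500.0
    late = r.inbound("198.51.100.10", port)       # same server, but no longer "recent"
    return reply, stranger, late

if __name__ == "__main__":
    print(demo())
```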
The previous column in this series addressed the importance of security for Internet of Things (IoT) devices you might want to connect to the internet, and the preceding overview of NAT and routers is essential to understanding this. The next article in this series will continue by explaining the Achilles heel of what is otherwise an almost perfect security system your router provides.
Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981 and now practically a full-time resident. He may be contacted at 415-101-8528 or email FAQ8@SMAguru.com.