The Lifecycle of a NATted Packet

When a packet hits a NAT gateway, the router must perform a series of CPU-intensive tasks:

1. Lookup: Match the internal Source IP/Port to an existing state in the NAT table.
2. Allocation: If no state exists, allocate a new public Port.
3. Modification: Rewrite the Source IP and Source Port in the IP/TCP/UDP headers.
4. Recalculation: Derive new Layer 3 and Layer 4 checksums.

Carrier-Grade NAT (CGNAT) and Cumulative Delay

Modern mobile and residential connections often go through CGNAT. In this scenario, your traffic is NATted once at your home router and then again at the ISP's core gateway.

This multi-tier translation increases the risk of 'NAT Type' issues in gaming consoles, where peer-to-peer connections cannot be established due to unpredictable port mapping on the second tier.

The CPU vs. Throughput Trade-off

NAT requires state. This means the router must remember every active connection in RAM. As the number of concurrent connections grows (e.g., BitTorrent or high-load web scrapers), the NAT table lookups take longer, leading to increased latency variance (Jitter).

Conclusion

NAT was a brilliant temporary fix for the IPv4 shortage, but it is a performance bottleneck. Understanding and mitigating NAT latency is essential for maintaining high-performance edge networks.