Now that you know about the advantages of using NAT, you should learn about the disadvantages
as well. The following is a list of some of the disadvantages of using NAT compared to
using individually configured, registered IP addresses on each network host:
NAT increases latency (delay). Delays are introduced into the switching path due to the
processor overhead needed to translate each IP address contained in the packet headers. The
router’s CPU must process every packet to decide whether the router needs to translate
and change the IP header. Some supported Application layer protocols, such as DNS, carry
IP addresses in their payload that must also be translated. This adds to the delay.

NAT hides end-to-end IP addresses, which renders some applications unusable. Some applications
that use the host IP address inside the payload of the packet will break when NAT
translates the IP addresses across the NAT border router.

Because NAT changes the IP address, there is a loss of IP end-to-end traceability. The multiple
packet-address changes confuse IP tracing utilities. This provides one advantage from
a security standpoint: it eliminates some of a hacker’s ability to identify a packet’s source.

NAT also makes it harder to troubleshoot or to track down where malicious traffic is coming
from. Because the traffic could be coming from a single user who is using different
IP addresses depending on when the traffic passes through the NAT router, accountability
becomes much more difficult.
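
The accountability problem described above can be reduced by keeping timestamped NAT translation records and looking up an observed public address, port and time in them. The following is an added example, not part of the original text; the log layout, addresses and function names are constructed for illustration and do not match any particular router's output.

```python
from datetime import datetime

# Constructed sample records (assumed layout, not a real device format):
# translation-created  translation-removed  inside-local ip:port  inside-global ip:port
SAMPLE_LOG = """\
2024-03-01T10:00:05 2024-03-01T10:02:10 10.1.1.20:51544 203.0.113.5:1024
2024-03-01T10:01:30 2024-03-01T10:04:00 10.1.1.31:40022 203.0.113.5:1025
2024-03-01T10:03:00 2024-03-01T10:06:45 10.1.1.47:51544 203.0.113.5:1024
2024-03-01T10:05:00 2024-03-01T10:09:00 10.1.1.20:33810 203.0.113.6:1024
"""

def parse_log(text):
    """Turn each non-empty log line into a dict with parsed timestamps."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        start, end, inside, outside = line.split()
        entries.append({"start": datetime.fromisoformat(start),
                        "end": datetime.fromisoformat(end),
                        "inside": inside, "outside": outside})
    return entries

def attribute(entries, public_ip, public_port, seen_at):
    """Inside ip:port whose translation was active for public ip:port at seen_at."""
    when = datetime.fromisoformat(seen_at)
    key = f"{public_ip}:{public_port}"
    return [e["inside"] for e in entries
            if e["outside"] == key and e["start"] <= when <= e["end"]]

def hosts_behind(entries, public_ip):
    """Every inside host that used public_ip: the address alone is ambiguous."""
    return sorted({e["inside"].split(":")[0] for e in entries
                   if e["outside"].split(":")[0] == public_ip})

def public_addresses_of(entries, inside_ip):
    """Every public address one inside host appeared as over time."""
    return sorted({e["outside"].split(":")[0] for e in entries
                   if e["inside"].split(":")[0] == inside_ip})

if __name__ == "__main__":
    log = parse_log(SAMPLE_LOG)
    print(attribute(log, "203.0.113.5", 1024, "2024-03-01T10:04:00"))
    print(hosts_behind(log, "203.0.113.5"))
    print(public_addresses_of(log, "10.1.1.20"))
```

The same public address and port map to different inside hosts at different times, so an abuse report without an accurate timestamp and source port cannot be resolved to one host.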