Translating Addresses
Network address translation rewrites the source or destination IP of packets as they cross a boundary. In the cloud it bridges private internal addresses and public routable ones, so many private instances can share a small pool of public addresses.
Where It Shows Up
Translation happens in several cloud components.
- A NAT gateway rewrites private sources to a public address for outbound traffic.
- An internet gateway maps an instance's public IP to its private one transparently.
- A load balancer can perform source rewriting so replies return through it.
Why It Matters
Translation conserves scarce public addresses and hides internal topology, but it changes the address the backend sees. That is why many services add a forwarded header to preserve the original client address, since a naive backend would otherwise log the translator instead of the real client.
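The forwarded-header recovery described above, as an added example (not code from the original page). It assumes each translator appends the peer it saw to the standard `X-Forwarded-For` header; the `10.0.0.0/24` translator range, the function names and all sample addresses are constructed. The header is honoured only when the connection itself arrives from a known translator, because any client can send this header.

```python
import ipaddress

# Assumption: subnet where our load balancers / NAT devices live (constructed).
TRUSTED_TRANSLATORS = [ipaddress.ip_network("10.0.0.0/24")]


def _parse(addr):
    """Return an ip_address object, or None if addr is not a valid IP."""
    try:
        return ipaddress.ip_address(addr.strip())
    except ValueError:
        return None


def _is_translator(ip):
    return any(ip in net for net in TRUSTED_TRANSLATORS)


def client_address(peer_addr, xff_header):
    """Pick the address a backend should log as the client.

    peer_addr  -- source address of the connection as the backend sees it
    xff_header -- raw X-Forwarded-For value, or None if absent
    """
    peer = _parse(peer_addr)
    # A naive backend stops here and logs peer_addr, i.e. the translator.
    # If the peer is NOT one of our translators, the header was written by
    # an untrusted party, so the peer address is the only thing we can trust.
    if peer is None or not _is_translator(peer):
        return peer_addr

    hops = [h for h in (xff_header or "").split(",") if h.strip()]
    candidate = peer_addr
    # Walk right to left: the rightmost entry was appended by the translator
    # that connected to us, so it is the most trustworthy. Stop at the first
    # address that is not a translator; entries left of it are client-supplied.
    for hop in reversed(hops):
        ip = _parse(hop)
        if ip is None:
            break  # malformed entry: keep the last address we could vouch for
        candidate = str(ip)
        if not _is_translator(ip):
            break
    return candidate
```
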
Key idea
Network address translation in the cloud rewrites source or destination addresses at gateways and balancers to share public addresses and hide topology, which means backends often need forwarded headers to recover the original client address.