Disclosed are methods and apparatus for performing network address
translation (NAT) in a fully connected mesh with NAT virtual interface
(NVI). In general terms, mechanisms (e.g., within a combination
router/NAT device) are provided for translating network addresses of
traffic going between two private domains or realms. These mechanisms may
also be used to translate traffic going between a private and public
domain. When a particular private address is translated into a public
address, a binding is formed between the pre-translation address, the
post-translation address, and the interface associated with the private
or public address (e.g., an interface of the router/NAT device). Since
bindings of different interfaces are tracked, a private address and its
associated particular interface may be associated with a particular
public address. Accordingly, the translation mechanisms of the present
invention may be applied to two duplicate private addresses from two
different private domains because the two identical private addresses are
distinguished based on their different interfaces.