The Lamer Gamer

I know what NAT is and how it functions, but I’ve really been wondering lately just what defines the different NAT functional levels on the Xbox 360.  Finally found some documentation that at least explains what the technical meaning is behind each state, but not exactly why one is more or less desirable.  Clearly, “Open” (in green) is better than “Strict” (in red) but why is that?

From http://www.xbox.com/zh-SG/live/connect/diagnosing.htm

What does each NAT type mean?

It doesn’t have to anything to do with security. A router performing “open” NAT is no less secure than a router performing “strict” NAT. The classification system boils down to something called a port assignment policy.

• Open NAT means that either the port assignment policy is minimal or the router has a fully compliant version of UPnP (Universal Plug and Play) enabled by default.
• Moderate NAT means that the port assignment policy is minimal, but there is address or port filtering taking place.
• Strict NAT means the port assignment policy is aggressive.

Also from an Xbox Live document

Port Assignment Policy

1. When a NAT receives a UDP packet from a client device, it must decide what UDP port to assign to that UDP source port on that client device. There are two techniques the NAT can use to do this.The NAT can assign one UDP port to each UDP source port used by a client device, regardless of the destination of the UDP packet. We call this “minimal port assignment policy” because it results in the minimum number of UDP ports being assigned by the NAT. This is also sometimes called a “cone” NAT.
2. The NAT can assign a different UDP port for each UDP destination. We call this an “aggressive port assignment policy” because it results in the NAT assigning many ports. This is also sometimes called a “symmetric” NAT.