What is the role of NAT in SD-WAN, and how is NAT traversal typically handled for Internet-bound traffic?

Study for the CCNP Software-Defined Wide Area Network (SD-WAN) Exam. Master key concepts with flashcards and multiple choice questions, each complete with hints and explanations. Gear up to ace your exam!

Multiple Choice

What is the role of NAT in SD-WAN, and how is NAT traversal typically handled for Internet-bound traffic?

Explanation:
NAT in SD-WAN lets hosts with internal private addresses reach the Internet by translating those addresses to a public address at the edge where traffic exits. Each SD-WAN edge can perform this NAT, so outbound Internet traffic from that site appears to originate from a public IP (often via PAT, which shares one public IP among many flows). When multiple Internet paths exist, the NAT rules must be consistent across those paths so that return traffic is mapped back to the same edge and translation, avoiding confusion or misrouting. The overlay tunnels inside the SD-WAN simply carry the fabric traffic between sites while preserving the internal addressing; NAT ensures the outward-facing addressing is correct, which is why NAT traversal is handled at the edge rather than by the overlay. If NAT were absent, or limited only to HQ or to inbound traffic, it would fail to provide proper Internet connectivity for all sites and all outbound flows.
