Reputation: 137
I'm trying to figure out how a network works and I got stuck with a case where NAT is used.
I have a router and a local network managed by this router; this router performs address translation (i.e. NAT).
Some local host sends an IP datagram to the router, the router changes the source IP address (to the router's outside IP) and the source port number (to ??? <1>) in this datagram and forwards it outside.
If/when a destination host sends an IP datagram back, our router changes the destination source address and the destination port number to the proper ones using some information stored during source address translation.
I have three questions:
1. What port number does the router assign to an IP datagram's source port number when some local host sends an IP datagram (look for the <1> tag)? (I guess it uses the first available port number, is that true?)
2. A local host can initiate a connection to a remote host, but what about vice versa? Is it possible, and if so, how? (If our host's IP address isn't unique or isn't registered, how can an outside host talk to us?)
3. If the answer to question 2 is "impossible", how then does torrent work? (where, as I know, hosts talk to each other while they can be in different local networks.)
A little bit of clarification about question 1:
I don't mean a case where a router with NAT has a set of servers as a local network, where, as I guess, it's clear what port number to use - a port number associated with some service launched on a specific server - in this case port numbers can be/are unique per local network, in my opinion.
Upvotes: 0
Views: 40
Reputation: 724
Imagine you have several hosts in your local network, all with IPs in the 192.168.0 range. One of them tries to access an Internet server at (say) 1.1.1.2 port 80. The host sending the request will select the next available port and sends a request that is identified by the 4 values host address, host port, destination address, destination port.
The NAT router will examine the received request and forward it. It will only change the host port if it is already in use, otherwise it just keeps the same. It adds the request's 4 values to its internal state table. Once the answer comes back, it looks up the end destination in its table and forwards the message. If something comes in and it's not in the table, it just is discarded; in other words the internal host must initiate connections or message exchange.
By default, only outgoing connections or messages are allowed on most home or SOHO routers. If you want to have incoming connections you have to configure it (port forwarding) so an outside host can connect to your (public) IP address or send an unsolicited message, and the router knows where to forward that connection to.
There are techniques to allow hosts behind NATs to connect directly without special configurations; hole punching is commonly used and involves a 3rd host (a server accessible to both hosts).
Upvotes: 1
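The state-table behaviour the answer describes, as an added toy model (not code from the question or answer): the router keeps the inside host's source port unless another mapping already occupies it, matches replies on the full 4-tuple, discards unsolicited inbound packets, and only admits them when a port-forwarding rule exists. All addresses, ports and rules below are constructed sample values.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatRouter:
    """Constructed model of a NAT router's state table (hypothetical class)."""

    def __init__(self, public_ip, first_port=1024, forwards=None):
        self.public_ip = public_ip
        self.next_port = first_port          # next port to try on a collision
        # (public_port, remote_ip, remote_port) -> (inside_ip, inside_port)
        self.table = {}
        # public_port -> (inside_ip, inside_port): static port-forwarding rules
        self.forwards = dict(forwards or {})

    def _port_in_use(self, port):
        return port in self.forwards or any(k[0] == port for k in self.table)

    def outbound(self, pkt):
        """Rewrite an inside->outside packet and record the mapping."""
        remote = (pkt.dst_ip, pkt.dst_port)
        for (pub_port, rip, rport), inside in self.table.items():
            if (rip, rport) == remote and inside == (pkt.src_ip, pkt.src_port):
                return Packet(self.public_ip, pub_port, *remote)  # known flow
        pub_port = pkt.src_port
        while self._port_in_use(pub_port):   # change the port only on a clash
            pub_port = self.next_port
            self.next_port += 1
        self.table[(pub_port, *remote)] = (pkt.src_ip, pkt.src_port)
        return Packet(self.public_ip, pub_port, *remote)

    def inbound(self, pkt):
        """Rewrite an outside->inside packet; None means it was discarded."""
        # A reply must match the full 4-tuple, not just the public port.
        inside = self.table.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if inside is None:
            inside = self.forwards.get(pkt.dst_port)  # unsolicited: needs a rule
        if inside is None:
            return None
        return Packet(pkt.src_ip, pkt.src_port, *inside)
```

Two inside hosts that both pick source port 5000 end up on public ports 5000 and 1024, and a packet from a third party aimed at public port 5000 is dropped because the 4-tuple does not match.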