The very special thing with all kinds of NAT is that the five-tuple
that uniquely identifies a connection: protocol , source
IP and port , destination IP and port that is the same on the
source, the destination and on routers in between, is different for
all three entities as soon as NAT is active on the router. Special,
since we now suddenly have three different such five-tuples where
each identifies the same connection on a different section of the
route: section one is from the source to the NAT router, section two
is from the NAT router to the destination and, at last, section three
is inside the NAT router that has to know both the other two sections.
We could also say only the NAT router knows what is really going on,
which also means the NAT device has to store lots of information about
the connection it translates which 'regular' routers do not need to
do.
This is something they have in common with firewalls: because they
both do not just relay packets from one side to another but also control
the data flows they must know as much about every connection as each
network device knows about its own connections, i.e. they must keep
state information. It is obvious that this requires a significant
overhead compared to simply routing packets.
I must not forget to say that if NAT is being used all packets must go through the NAT-router, i.e. there must not be any alternative routes a packet could take, so circumventing the address translation. The reason is obvious, but due to their nature as tools for organizing private networks NAT routers are mostly placed on the borderlines of internal (leaf) networks this should be no problem.