TERMINOLOGY
Inside Local: RFC1918 address local to the originating host.
Inside Global: Publicly routable address local to the originating AS.
Outside Global: Publicly routable address remote to the originating AS.
Outside Local: RFC1918 address remote to the originating AS.
Inside Interface: The interface on the LAN.
Outside Interface: The interface on the WAN.
Static NAT: Manually configured 1:1 NAT.
Dynamic NAT: Dynamically allocated 1:1 NAT.
NAT Overload: Dynamically allocated many:1 NAT tracked by port numbers.
VISUAL AIDS
Assume we have the topology in the image below. The loopback addresses represent and simulate host PCs on a given network. They use RFC1918 addresses that cannot be routed across the internet. The Fast Ethernet interfaces have public IP addresses.
Assume that we are sending a packet from lo0 on the Corporate router to lo0 on the Remote router. This will give us addresses according to the following table:
Inside Local: 10.0.0.1
Inside Global: 198.10.7.3
Outside Global: 8.8.8.8
Outside Local: 172.16.0.1
Remember that lo0 will be the inside interface and fa0/0 will be the outside interface. Now let's see how a packet from Corporate's lo0 interface will change on its way to Remote's lo0 interface. We will only be looking at source and destination IP addresses. When lo0 originally sends the packet, it will have a source of 10.0.0.1 and a destination of 8.8.8.8. We see this in the graphic below.
Next, once the Corporate router performs the NAT service, the source address will change to become a publicly routable address. See the graphic below.
Remember that this is still the same packet. We are just changing the source IP address at this point so that it can traverse the public internet. Once the packet reaches the Remote router, the Remote router will replace the public destination IP address with the private IP of the target host. See the image below.
As you can see, the inside global address remains the same despite the translation on the Remote router. Next, we'll talk about the different types of NAT: static, dynamic, and overloaded.
TYPES OF NAT
There are three types of NAT that we use in today's networks. They are static, dynamic, and overloaded. Overloaded NAT is sometimes also called PAT, or Port Address Translation. This will be described shortly.
Static NAT: A manually defined 1:1 mapping in which a single RFC1918 private IP address is mapped to a single publicly routable IP address.
Dynamic NAT: A dynamically allocated 1:1 mapping in which a single RFC1918 private IP is mapped to a single publicly routable IP address which is part of a pool of available IP addresses.
NAT Overload: A dynamically allocated many:1 mapping in which several RFC1918 private IP addresses can be mapped to a single routable IP address which may or may not be part of a pool of available IP addresses. NAT Overload is tracked according to unique port numbers assigned by the router.
SPECIAL CONSIDERATIONS
When we configure dynamic or overloaded NAT, we need to create an access list that will permit a list of hosts to have their addresses translated into an address in the NAT pool. We then need to link the NAT pool with that access list. We discuss NAT configuration in more detail in other articles and documents.
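The following is an added example, not part of the original document and not router code: a simplified Python model of NAT overload showing how an access list decides which hosts are translated and how unique port numbers let several inside local addresses share one inside global address. The class name, the 10.0.0.0/24 permitted range, the second host and all port numbers are assumptions; a real router also keys its table on protocol and ages entries out.

```python
import ipaddress
from itertools import count

class OverloadNat:
    """Simplified NAT overload (PAT): many inside locals share one inside global."""

    def __init__(self, inside_global, permitted_net, first_port=1024):
        self.inside_global = inside_global
        self.acl = ipaddress.ip_network(permitted_net)  # hosts allowed to be translated
        self.ports = count(first_port)                  # next unused port on the global address
        self.out_map = {}  # (inside local ip, port) -> port on the inside global
        self.in_map = {}   # port on the inside global -> (inside local ip, port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving through the outside interface."""
        if ipaddress.ip_address(src_ip) not in self.acl:
            return None                                 # not permitted by the access list
        key = (src_ip, src_port)
        if key not in self.out_map:                     # first packet of a flow: assign a port
            gport = next(self.ports)
            self.out_map[key] = gport
            self.in_map[gport] = key
        return (self.inside_global, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a reply arriving on the outside interface."""
        if dst_ip != self.inside_global or dst_port not in self.in_map:
            return None                                 # no table entry, so no inside host to map to
        local_ip, local_port = self.in_map[dst_port]
        return (src_ip, src_port, local_ip, local_port)


# Constructed sample: addresses follow the table above; ports and host 10.0.0.2 are made up.
nat = OverloadNat("198.10.7.3", "10.0.0.0/24")
a = nat.outbound("10.0.0.1", 40000, "8.8.8.8", 53)
b = nat.outbound("10.0.0.2", 40000, "8.8.8.8", 53)   # same source port, different host
reply = nat.inbound("8.8.8.8", 53, *b[:2])           # reply addressed to b's global address and port
for label, pkt in (("host 1 out", a), ("host 2 out", b), ("reply in", reply)):
    print(label, pkt)
```

Both hosts leave with the same source address and are told apart only by the assigned port, which is why an inbound packet with no matching table entry has nowhere to be delivered.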
CONCLUSION
Please keep the information above in mind whenever you configure NAT. Understanding these concepts is vital to getting the expected behavior from NAT.