Objectives
Discuss characteristics of NAT and PAT
Explain how to configure NAT and PAT
Describe the characteristics of DHCP
Explain how to configure DHCP
Table of Contents
1 Scaling networks with Network Address Translation and Port Address Translation
2 Dynamic Host Configuration Protocol
Private addressing
NAT is designed to conserve IP addresses and enable networks to use private IP addresses on internal networks. These private, internal addresses are translated to routable, public addresses.
NAT, as defined by RFC 1631, is the process of swapping one address for another in the IP packet header. In practice, NAT is used to allow hosts that are privately addressed to access the Internet. NAT translations can occur dynamically or statically. The most powerful feature of NAT routers is their capability to use port address translation (PAT), which allows multiple inside addresses to map to the same global address.
Static NAT is designed to allow one-to-one mapping of local and global addresses.
Dynamic NAT is designed to map a private IP address to a public address. Any IP address from a pool of public IP addresses is assigned to a network host.
Port Address Translation (PAT) maps multiple private IP addresses to a single public IP address.
NAT Concepts
NAT Terminology
NAT Operation
Static NAT
Dynamic NAT
NAT can be dynamic or static. Dynamic NAT translates inside addresses using a pool of global addresses. Each inside local address is dynamically assigned an inside global address from an administratively defined pool of addresses. Dynamic NAT enables hosts on a private network to access the internet by translating private addresses into public addresses.
NAT Overload
The PAT router keeps track of the different conversations by mapping TCP and UDP port numbers in the NAT table.
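The port-tracking behaviour described above, as an added example that is not part of the original slides: a simplified Python model of a PAT table, not Cisco IOS code. The class and method names, the 10.0.0.x inside hosts and the 1024 starting port are constructed for illustration; 192.168.1.33 is the pool address used in the configuration on this page.

```python
# Added illustration: a simplified model of a PAT (NAT overload) table.
from dataclasses import dataclass, field

INSIDE_GLOBAL = "192.168.1.33"  # pool address taken from the page's NAT pool example


@dataclass
class PatRouter:
    global_ip: str = INSIDE_GLOBAL
    next_port: int = 1024  # constructed starting point for reassigned ports
    # (proto, inside local IP, inside local port) -> inside global port
    out: dict = field(default_factory=dict)
    # (proto, inside global port) -> (inside local IP, inside local port)
    back: dict = field(default_factory=dict)

    def translate_outbound(self, proto, src_ip, src_port):
        """Return the (inside global IP, port) used for this inside local socket."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            # Keep the original source port when it is free; otherwise take
            # the next unused port so two hosts never share a table entry.
            port = src_port
            while (proto, port) in self.back:
                if self.next_port > 65535:
                    raise RuntimeError("no free ports left on " + self.global_ip)
                port = self.next_port
                self.next_port += 1
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return self.global_ip, self.out[key]

    def translate_inbound(self, proto, dst_port):
        """Map a reply to its inside host; None means no entry exists."""
        return self.back.get((proto, dst_port))


if __name__ == "__main__":
    router = PatRouter()
    # Two inside hosts pick the same source port (constructed sample traffic).
    print(router.translate_outbound("tcp", "10.0.0.5", 40000))
    print(router.translate_outbound("tcp", "10.0.0.6", 40000))
    print(router.translate_inbound("tcp", 1024))   # reply to the second host
    print(router.translate_inbound("tcp", 5555))   # no matching translation
```

Inbound traffic that matches no table entry has no inside host to be delivered to, which is why the table, keyed on protocol and port, is what separates the conversations sharing one global address.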
Overloading NAT
Configure a NAT pool
Create an access list to determine which address should be translated
Assign this access list to the NAT pool and set it for overload
Assign inside and outside interfaces
Overloading NAT
Configure NAT pool
Range of addresses:
ip nat pool smallpool 192.168.1.33 192.168.1.33 netmask 255.255.255.224
Create a standard access list to identify which addresses should be translated:
access-list 24 permit 10.0.0.0 0.255.255.255
Assign this access list to the NAT pool and set it for overload:
ip nat inside source list 24 pool smallpool overload
Assign inside and outside interfaces:
router(config-if)# ip nat {inside|outside}
Troubleshooting NAT
NAT conserves the legally registered addressing scheme
NAT increases the flexibility of connections to the public network
Consistency of the internal network addressing scheme
NAT increases delay
Cisco IOS NAT does not support the following traffic types:
Routing table updates
DNS zone transfers
BOOTP
talk and ntalk protocols
Simple Network Management Protocol (SNMP)
DHCP
Introducing DHCP
Dynamic Host Configuration Protocol (DHCP) works in a client/server mode. DHCP enables DHCP clients on an IP network to obtain their configurations from a DHCP server. A DHCP client is included in most modern operating systems, including the various Windows operating systems, Novell NetWare, Sun Solaris, Linux, and Mac OS.
BOOTP: static mappings, permanent assignment, only supports 4 configuration parameters
Lease
Both protocols are client/server based and use UDP ports 67 and 68.
IP address, gateway, IP of servers, and more
Configuring DHCP
Specify DHCP pool:
Router(config)# ip dhcp pool subnet12
Router(dhcp-config)# network 172.16.12.0 255.255.255.0
Router(dhcp-config)# default-router 172.16.12.254
Router(dhcp-config)# dns-server 172.16.1.2
Router(dhcp-config)# netbios-name-server 172.16.1.3
Router(dhcp-config)# domain-name cisco.com
show ip dhcp binding
show ip dhcp server statistics
debug ip dhcp server events
DHCP relay
SRC MAC: MAC A, DST MAC: FFFF.FFFF.FFFF, IP SRC: ?, IP DST: 255.255.255.255, UDP: 67, CIADDR: ?, GIADDR: ?, MASK: ?, CHADDR: MAC A
E1: 192.168.2.1/24
SRC MAC: E1
IP SRC: 192.168.2.1
UDP
server: 192.168.2.254
E1: 192.168.2.1/24
SRC MAC: MAC SERV, DST MAC: E1, IP SRC: 192.168.2.254, IP DST: 192.168.1.10, UDP: 68
server: 192.168.2.254
Summary
Private addresses are for private, internal use and should never be routed by a public Internet router.
NAT alters the IP header of a packet so that the destination address, the source address, or both addresses are replaced with different addresses.
PAT uses unique source port numbers on the inside global IP address to distinguish between translations.
NAT and PAT may be configured for static translation, dynamic translation, and overloading.
DHCP works in a client/server mode, enabling clients to obtain IP configurations from a DHCP server.
Q&A