Post on 21-May-2015
Khoa CNTT, PHẠM VĂN TÍNH, 01-2004
Scaling Networks with NAT and PAT
Dr. PHẠM VĂN TÍNH
Scaling IP Addresses
Objective
• Identify private IP addresses as described in RFC 1918
• Discuss characteristics of NAT and PAT
• Explain the benefits of NAT
• Explain how to configure NAT and PAT, including static translation, dynamic translation, and overloading
• Identify the commands used to verify NAT and PAT configuration
• List the steps used to troubleshoot NAT and PAT configuration
• Discuss the advantages and disadvantages of NAT
Private addresses
• NAT provides great benefits to individual companies and the Internet.
• Before NAT, a host with a private address could not access the Internet.
• Using NAT, individual companies can address some or all of their hosts with private addresses and use NAT to provide access to the Internet.
Introducing NAT and PAT
• NAT enables networks to use private IP addresses on internal networks. These private, internal addresses are translated to routable, public addresses.
• A NAT-enabled device typically operates at the border of a stub network. A stub network is a network that has a single connection to its neighbor network.
• Cisco defines the following NAT terms:
– Inside local address – The IP address assigned to a host on the inside network. This address is likely to be an RFC 1918 private address.
– Inside global address – A legitimate IP address assigned by the NIC or service provider (public address).
– Outside local address – The IP address of an outside host as it is known to the hosts on the inside network.
– Outside global address – The IP address assigned to a host on the outside network. The owner of the host assigns this address.
Major NAT and PAT features
• Static NAT is designed to allow one-to-one mapping of local and global addresses.
• Dynamic NAT is designed to map a private IP address to a public address. Any IP address from a pool of public IP addresses is assigned to a network host.
• Overloading, or Port Address Translation (PAT), maps multiple private IP addresses to a single public IP address. Multiple addresses can be mapped to a single address because each private address is tracked by a port number.
• PAT uses unique source port numbers on the inside global IP address to distinguish between translations.
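Added example, not part of the original slides: a simplified Python model of the PAT table described above, showing how unique source ports on the inside global address keep translations apart. The class and function names, the sample addresses and the port-allocation policy (keep the original port when it is free, otherwise take the next free port from 1024) are assumptions; protocol and timeouts are ignored.

```python
from dataclasses import dataclass, field


@dataclass
class PatRouter:
    """Simplified PAT (overload) table for one inside global address."""
    inside_global: str                 # the single public address shared by inside hosts
    next_port: int = 1024              # assumption: reassigned ports start at 1024
    out_map: dict = field(default_factory=dict)  # (inside local ip, port) -> global port
    in_map: dict = field(default_factory=dict)   # global port -> (inside local ip, port)

    def translate_outbound(self, src_ip, src_port):
        """Return (inside global ip, port) for a flow leaving the inside network."""
        key = (src_ip, src_port)
        if key in self.out_map:        # flow already has a translation: reuse it
            return self.inside_global, self.out_map[key]
        port = src_port                # keep the original source port when it is free
        if port in self.in_map:        # another inside host already holds this port
            port = self.next_port
            while port in self.in_map:
                port += 1
            if port > 65535:
                raise RuntimeError("no free source ports on the inside global address")
            self.next_port = port + 1
        self.out_map[key] = port
        self.in_map[port] = key
        return self.inside_global, port

    def translate_inbound(self, dst_port):
        """Return the inside local (ip, port) for a reply, or None if no entry exists."""
        return self.in_map.get(dst_port)


def demo():
    # Constructed sample traffic: two inside hosts pick the same source port.
    router = PatRouter("203.0.113.5")
    first = router.translate_outbound("192.168.1.10", 40000)
    second = router.translate_outbound("192.168.1.11", 40000)
    reply = router.translate_inbound(second[1])
    unsolicited = router.translate_inbound(5555)
    return first, second, reply, unsolicited


if __name__ == "__main__":
    print(demo())
```

A packet arriving on a port with no table entry has no inside local address to be translated to, which is why the last lookup returns nothing.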
Configuring Static NAT
Router(config)#ip nat inside source static local-ip global-ip
Router(config-if)#ip nat inside
Router(config-if)#ip nat outside
Configuring Dynamic NAT
Configuring PAT
Verifying NAT and PAT configuration
Troubleshooting NAT and PAT configuration