NAT/PAT/DHCP
Table of Contents
1 Scaling networks with Network Address Translation and Port Address Translation
2 Dynamic Host Configuration Protocol
SCALING NETWORKS WITH NAT AND PAT
Private addressing
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255
Introducing NAT and PAT
Cisco defines the following NAT terms:
Inside local address
Inside global address
Outside local address
Outside global address
Major NAT and PAT features
Static NAT is designed to allow one-to-one mapping of local and global addresses.
Dynamic NAT is designed to map a private IP address to a public address. Any IP address from a pool of public IP addresses is assigned to a network host.
Port Address Translation (PAT) maps multiple private IP addresses to a single public IP address.
Configuring static NAT
Router(config)# ip nat inside source static 10.1.1.2 171.69.68.10
Router(config)# interface ethernet 0
Router(config-if)# ip nat inside
Router(config)# interface serial 0
Router(config-if)# ip nat outside
Configuring dynamic NAT/PAT
Define the private IP address range:
Router(config)# access-list 1 permit 10.0.0.0 0.0.255.255
Define the public IP address pool:
Router(config)# ip nat pool cisco 179.9.8.0 netmask 255.255.255.240
Establish dynamic source translation:
Router(config)# ip nat inside source list 1 pool cisco overload
Specify the inside and outside interfaces.
Verifying PAT configuration
clear ip nat translation *
clear ip nat translation inside global-ip local-ip outside local-ip global-ip
show ip nat translation
show ip nat statistics
Troubleshooting NAT and PAT configuration
1. Based on the configuration, clearly define what NAT is supposed to achieve.
2. Verify that correct translations exist in the translation table.
3. Verify the translation is occurring by using show and debug commands.
4. Review in detail what is happening to the packet and verify that routers have the correct routing information to move the packet along.
Issues with NAT
NAT conserves the legally registered addressing scheme
NAT increases the flexibility of connections to the public network
Consistency of the internal network addressing scheme
NAT increases delay
Issues with NAT (cont.)
Cisco IOS NAT does not support the following traffic types:
Routing table updates
DNS zone transfers
BOOTP
talk and ntalk protocols
Simple Network Management Protocol (SNMP)
DHCP
Introducing DHCP
Dynamic Host Configuration Protocol (DHCP) works in a client/server mode. DHCP enables DHCP clients on an IP network to obtain their configurations from a DHCP server.
A DHCP client is included in most modern operating systems, including the various Windows operating systems, Novell NetWare, Sun Solaris, Linux, and Mac OS.
BOOTP and DHCP differences
Both protocols are client/server based and use UDP ports
DHCP server
[Figure: DHCP server and clients IP1 and IP2; labels: IP Address, Gateway, IP of servers]
Specify the excluded IP address range:
Verifying and troubleshooting DHCP operation
show ip dhcp binding
show ip dhcp server statistics
debug ip dhcp server events
IP SRC: ?
IP DST: 255.255.255.255
UDP 67
CIADDR: ? GIADDR: ? MASK: ? CHADDR: MAC A
DHCP relay (cont.)
E0: 192.168.1.1/24
ip helper-address 192.168.2.254
E1: 192.168.2.1/24 IP???
A
SRC MAC: E0 DST MAC: MAC A
IP SRC: 192.168.2.254
IP DST: 192.168.1.10
UDP 68
CIADDR: 192.168.1.10 GIADDR: 192.168.1.1 MASK: 255.255.255.0 CHADDR: MAC A
SRC MAC: MAC SERV DST MAC: E1
IP SRC: 192.168.2.254
IP DST: 192.168.1.10
UDP 68
CIADDR: 192.168.1.10 GIADDR: 192.168.1.1 MASK: 255.255.255.0 CHADDR: MAC A
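The request direction of the relay shown in these slides, as an added example that is not part of the original deck: the client broadcast arrives on E0 with every address field empty, and the router with ip helper-address writes its E0 address into GIADDR and unicasts the packet to 192.168.2.254. The header layout follows RFC 2131; the client MAC, the transaction ID and the MAX_HOPS limit are constructed values assumed for this sketch.

```python
import ipaddress
import struct

# Fixed BOOTP/DHCP header (RFC 2131): op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file  (236 bytes)
HDR = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
MAGIC = b"\x63\x82\x53\x63"      # DHCP magic cookie that precedes the options
ZERO = b"\x00" * 4               # 0.0.0.0
MAX_HOPS = 16                    # assumed relay hop limit for this sketch

def build_discover(mac: bytes, xid: int) -> bytes:
    """Client broadcast: ciaddr and giaddr are still 0.0.0.0."""
    hdr = HDR.pack(1, 1, 6, 0, xid, 0, 0x8000, ZERO, ZERO, ZERO, ZERO,
                   mac.ljust(16, b"\x00"), b"", b"")
    return hdr + MAGIC + b"\x35\x01\x01\xff"   # option 53 = DISCOVER, then end

def parse(pkt: bytes) -> dict:
    """Extract the fields the slides label CIADDR, GIADDR and CHADDR."""
    f = HDR.unpack_from(pkt)
    return {"op": f[0], "hops": f[3], "xid": f[4],
            "ciaddr": str(ipaddress.IPv4Address(f[7])),
            "giaddr": str(ipaddress.IPv4Address(f[10])),
            "chaddr": f[11][:f[2]].hex(":")}

def relay(pkt: bytes, ingress_ip: str, helper: str):
    """Relay a client request the way an interface with a helper address does.
    Returns (new_packet, (server_ip, 67)) or None when the packet is dropped."""
    if len(pkt) < HDR.size + 4 or pkt[HDR.size:HDR.size + 4] != MAGIC:
        return None                       # truncated or not DHCP
    f = list(HDR.unpack_from(pkt))
    if f[0] != 1 or f[3] >= MAX_HOPS:     # only BOOTREQUEST, bounded hop count
        return None
    f[3] += 1
    if f[10] == ZERO:                     # first relay stamps its ingress address
        f[10] = ipaddress.IPv4Address(ingress_ip).packed
    return HDR.pack(*f) + pkt[HDR.size:], (helper, 67)

if __name__ == "__main__":
    discover = build_discover(bytes.fromhex("020000aabbcc"), 0x1234)  # constructed MAC
    print("from client:", parse(discover))
    relayed, dst = relay(discover, "192.168.1.1", "192.168.2.254")
    print("to", dst, ":", parse(relayed))
```

The server reads GIADDR to decide which address pool the request belongs to, which is why a relay must not overwrite a GIADDR that an earlier relay already set.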
Private addresses are for private, internal use and should never be routed by a public Internet router.
NAT alters the IP header of a packet so that the destination address, the source address, or both addresses are replaced with different addresses.
PAT uses unique source port numbers on the inside global IP address to distinguish between translations.
NAT and PAT may be configured for static translation, dynamic translation, and overloading.
DHCP works in a client/server mode, enabling clients to obtain IP