Scaling IP Addresses - NAT

Download as ppt, pdf, or txt
Download as ppt, pdf, or txt
You are on page 1of 22

CCNA Semester 4: WAN Technologies

Module 1

SCALING IP

ADDRESSES

Objectives
Discuss characteristics of NAT and PAT Explain how to configure NAT and PAT Describe the characteristics of DHCP Explain how to configure DHCP

Table of Content
1 Scaling networks with Network Address Translation and Port Address Translation

2 Dynamic Host Configuration Protocol

SCALING NETWORKS WITH

NAT AND PAT

Private addressing
10.0.0.0 10.255.255.255 172.16.0.0 172.31.255.255 192.168.0.0 192.168.255.255

Introducing NAT and PAT


Cisco defines the following NAT terms:
Inside local address Inside global address Outside local address Outside global address

Major NAT and PAT features


Static NAT is designed to allow one-to-one mapping of local and global addresses. Dynamic NAT is designed to map a private IP address to a public address. Any IP address from a pool of public IP addresses is assigned to a network host. Port Address Translation (PAT), maps multiple private IP addresses to a single public IP address

Configuring static NAT


Inside interface E0 S0 Outside interface

Ip nat inside
Inside host 10.1.1.2

Ip nat outside

Outside host

Router(config)# ip nat inside source static 10.1.1.2 171.69.68.10 Router(config)# interface ethernet 0 Router(config-if)# ip nat inside Router(config)# interface serial 0 Router(config-if)# ip nat outside

Configuring dynamic NAT/PAT


E0 S0

Internet

10.1.1.2

10.1.1.1

179.9.8.1

Define private IP addresses range: Router(config)# access-list 1 permit 10.1.1.0 0.0.0.255 Define public IP addresses pool: Router(config)# ip nat pool cisco 179.9.8.1 179.9.8.14 netmask 255.255.255.240 Establish dynamic source translation: Router(config)# ip nat inside source list 1 pool cisco overload Specify the inside and outside interface.

10.1.1.3

Verifying PAT configuration


Clear ip nat translation * Clear ip nat translation inside global-ip local-ip outside local-ip global-ip Show ip nat translation Show ip nat statistics

Troubleshooting NAT and PAT configuration


1. Based on the configuration, clearly define what NAT is supposed to achieve. (Da vo
cu hnh, nh ngha r rng, NAT g c nhim v hon thnh)

2. Verify that correct translations exist in the translation table. 3. Verify the translation is occurring by using show and debug commands. 4. Review in detail what is happening to the packet and verify that routers have the correct routing information to move the packet along with NAT or PAT

Issues with NAT


NAT conserves the legally registered addressing scheme (NAT bo tn h thng t a ch 1 cch hp php) NAT increases the flexibility of connections to the public network (NAT tng tnh linh hot ca nhng kt ni n mng Public) Consistency of the internal network addressing scheme NAT increases delay

Issues with NAT (cont.)


Cisco IOS NAT does not support the following traffic types:
Routing table updates DNS zone transfers BOOTP talk and ntalk protocols Simple Network Management Protocol (SNMP)

DHCP

Introducing DHCP
Dynamic Host Configuration Protocol (DHCP) works in a client/server mode. DHCP enables DHCP clients on an IP network to obtain their configurations from a DHCP server. A DHCP client is included in most modern operating systems including the various Windows operating systems, Novell Netware, Sun Solaris, Linux, and MAC OS.

Dynamic addressing: DHCP


DHCP Discover UDP Broadcast DHCP Offer UDP Broadcast DHCP Request DHCP Ack

DHCP server
MAC: Known IP: Unknown

IP Address Gateway IP of servers And more

IP1 IP2 IP3

Configuring DHCP
Specify DHCP pool: Router(config)# ip dhcp pool subnet12 Router(dhcp-config)# network 172.16.12.0 255.255.255.0 Router(dhcp-config)# default-router 172.16.12.254 Router(dhcp-config)# dns-server 172.16.1.2 Router(dhcp-config)# netbios-name-server 172.16.1.3 Router(dhcp-config)# domain-name cisco.com Specify the excluded IP addresses range: Router(config)# ip dhcp excluded-address startip-address end-ip-address

DHCP relay
SRC MAC: MAC A DST MAC: FFFF.FFFF.FFFF IP SRC: ? IP DST: 255.255.255.255 UD P 67 CIADDR: ? GIADDR: ? MASK: ? CHADDR: MAC A

A E0: 192.168.1.1/24 IP??? Ip helper-address 192.168.2.254

E1: 192.168.2.1/24

SRC MAC: E1 DST MAC: MAC SERVER

IP SRC: 192.168.2.1 IP DST: 192.168.2.254

UD P 67

CIADDR: ? GIADDR: 192.168.1.1 MASK: ? CHADDR: MAC A

server: 192.168.2.254

DHCP relay (cont.)


SRC MAC: E0 DST MAC: MAC A IP SRC: 192.168.2.254 IP DST: 192.168.1.10 UD P 68 CIADDR: 192.168.1.10 GIADDR: 192.168.1.1 MASK: 255.255.255.0 CHADDR: MAC A

A E0: 192.168.1.1/24 IP??? Ip helper-address 192.168.2.254

E1: 192.168.2.1/24

SRC MAC:MAC SERV DST MAC: E1

IP SRC: 192.168.2.254 IP DST: 192.168.1.10

UD P 68

CIADDR:192.168.1.10 GIADDR: 192.168.1.1 MASK: 255.255.255.0 CHADDR: MAC A

server: 192.168.2.254

Summary
Private addresses are for private, internal use and should never be routed by a public Internet router. NAT alters the IP header of a packet so that the destination address, the source address, or both addresses are replaced with different addresses. PAT uses unique source port numbers on the inside global IP address to distinguish between translations. NAT and PAT may be configured for static translation, dynamic translation, and overloading DHCP works in a client/server mode, enabling clients to obtain IP configurations from a DHCP server

Q&A

You might also like