Chapter 13 Network Address Translation

Slides:



Advertisements
Similar presentations
CCENT Study Guide Chapter 12 Security.
Advertisements

CST Computer Networks NAT CST 415 4/10/2017 CST Computer Networks.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 W. Schulte Chapter 5: Network Address Translation for IPv4  Connecting.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture15: Network Address Translation for IPv4 Connecting Networks.
© 2002, Cisco Systems, Inc. All rights reserved..
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—5-1 WAN Connections Enabling the Internet Connection.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Scaling the Network with NAT and PAT.
M. Dahshan - TCOM52721 TCOM 5272 Telecomm Lab Dr. Mostafa Dahshan OU-Tulsa 4W 2 nd floor
Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.
Sybex CCNA Chapter 11: Network Address Translation Instructor & Todd Lammle.
© 2003, Cisco Systems, Inc. All rights reserved. ICND v2.1—4-1 © 2003, Cisco Systems, Inc. All rights reserved. 1 Scaling the Network with NAT and PAT.
CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.
Sybex CCENT Chapter 13: Network Address Translation Instructor & Todd Lammle.
Instructor & Todd Lammle
1 Chapter Overview Subnet. What is a subnet When you break a network into a few smaller networks, you have created several subnets Like IP address where.
4: Addressing Working At A Small-to-Medium Business or ISP.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 4: Addressing in an Enterprise Network Introducing Routing and Switching in the.
CN2668 Routers and Switches Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Network Address Translation
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 4 v3.0 Module 1 Scaling IP Addresses.
NAT (Network Address Translation) Natting means "Translation of private IP address into public IP address ". In order to communicate with internet we must.
Page 1 NAT & VPN Lecture 8 Hassan Shuja 05/02/2006.
Introduction to Network Address Translation
Network Address Translations Project no. : 12 Prof. Edmund Gean Presented by DhruvaPatel( ) Sweta Patel( ) Rushika Patel ( ) Guided.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 4: Addressing in an Enterprise Network Introducing Routing and Switching in the.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Planning the Addressing Structure Working at a Small-to-Medium Business.
Instructor & Todd Lammle
Network Address Translation External/ Internal/. OVERLOADING In Overloading, each computer on the private network is translated to the same IP address;
1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 4 v3.1 Module 1 Scaling IP Addresses.
CCNA 4 v3.1 Module 1 Scaling IP Addresses
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 11: Network Address Translation for IPv4 Routing And Switching.
Configuring NAT and PAT Chapter 18 powered by DJ 1.
1 © 2004, Cisco Systems, Inc. All rights reserved. Scaling IP Addresses Network Address Translation(NAT)
Scaling Networks with Network Address Translation Scaling Networks with Network Address Translation Solutions for IPv4 Security and Scalability ECPI College.
NAT & PAT Network Address Translation Port Address Translation.
IP Addressing.
N ETWORK S ECURITY Network Address Translation. C ONTENTS What is NAT NAT Terminology How NAT works NAT translation Dynamic, static and overloading Advantages.
NAT/PAT by S K SATAPATHY
CCNA Discovery Semester 3 Addressing in an Enterprise Network Chapter 4 K. Martin.
1 Pertemuan 14 Scaling Networks with NAT and PAT.
Click to edit Master subtitle style Chapter 8: IP Subnetting, Troubleshooting and Introduction to NAT Instructor:
CCNA4-1 Chapter 7-1 IP Addressing Services Scaling Networks With Network Address Translation (NAT)
Configuring NAT. Configuring Static NAT There are two basic tasks to perform when configuring static NAT translations: Create the mapping between the.
CCNA4-1 Chapter 7-1 NAT Chapter 11 Routing and Switching (CCNA2)
Discovery 2 Internetworking Module 4 JEOPARDY K. Martin.
Click to edit Master subtitle style Chapter 8: IP Subnetting, Troubleshooting and Introduction to NAT.
Planning the Addressing Structure
Chapter 5 VLSMs, Summarization and Troubleshooting TCP/IP
© 2002, Cisco Systems, Inc. All rights reserved.
Instructor & Todd Lammle
CCENT Study Guide Chapter 12 Security.
Network Address Translation
Instructor Materials Chapter 9: NAT for IPv4
NAT / PAT.
Planning the Addressing Structure
Routing and Switching Essentials v6.0
Introducing To Networking
NAT , Device Discovery Chapter 9 , chapter 10.
New Solutions For Scaling The Internet Address Space
CIS 82 Routing Protocols and Concepts Chapter 11 NAT
Routing and Switching Essentials v6.0
NAT / PAT.
Cabrillo College Building Cisco Remote Access Network
Instructor Materials Chapter 9: NAT for IPv4
Planning the Addressing Structure
Planning the Addressing Structure
Instructor: Mr. Malik Zaib Alam
Chapter 11: Network Address Translation for IPv4
Prepared by :Adeel Ahmad
Sybex CCNA Chapter 11: Network Address Translation.
Presentation transcript:

Chapter 13 Network Address Translation CCENT Study Guide Chapter 13 Network Address Translation

Chapter 13 Objectives The CCENT Topics Covered in this chapter include: 4.0 Infrastructure Services 4.7 Configure, verify, and troubleshoot inside source NAT. 4.7.a Static 4.7.b Pool 4.7.c PAT

When Do We Use NAT? Network Address Translation (NAT) is similar to Classless Inter- Domain Routing (CIDR) in that the original intention for NAT was to slow the depletion of available IP address space by allowing multiple private IP addresses to be represented by a much smaller number of public IP addresses. Here’s a list of situations when NAT can be especially helpful: When you need to connect to the Internet and your hosts don’t have globally unique IP addresses When you’ve changed to a new ISP that requires you to renumber your network When you need to merge two intranets with duplicate addresses

Figure 13.1: Where to configure NAT You typically use NAT on a border router. For example, in Figure 13.1, NAT is used on the Corporate router connected to the Internet.

Types of NAT Static NAT Dynamic NAT Overloading This type of NAT is designed to allow one-to-one mapping between local and global addresses. Keep in mind that the static version requires you to have one real Internet IP address for every host on your network. Dynamic NAT This version gives you the ability to map an unregistered IP address to a registered IP address from out of a pool of registered IP addresses. You don’t have to statically configure your router to map each inside address to an individual outside address as you would using static NAT, but you do have to have enough real, bona-fide IP addresses for everyone who’s going to be sending packets to and receiving them from the Internet at the same time. Overloading This is the most popular type of NAT configuration. Understand that overloading really is a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address (many-to-one) by using different source ports. Now, why is this so special? Well, because it’s also known as Port Address Translation (PAT), which is also commonly referred to as NAT Overload. Using PAT allows you to permit thousands of users to connect to the Internet

NAT Terms Names Meaning Inside local Source host inside address before translation—typically an RFC 1918 address Outside local Address from which source host is known on the Internet. This is usually the address of the router connected to ISP—the actual Internet address. Inside global Source host address used after translation to get onto Internet. This is also the actual Internet address. Outside global Address of outside destination host and, again, the real Internet address

Figure 13.2: Basic NAT translation In this figure, we can see host 10.1.1.1 sending an Internet-bound packet to the border router configured with NAT. The router identifies the source IP address as an inside local IP address destined for an outside network, translates the source IP address in the packet, and documents the translation in the NAT table. The packet is sent to the outside interface with the new translated source address. The external host returns the packet to the destination host, and the NAT router translates the inside global IP address back to the inside local IP address using the NAT table. This is as simple as it gets!

Figure 13.3: NAT overloading example (PAT) With PAT, all inside hosts get translated to one single IP address, hence the term overloading. Again, the reason we’ve just run out of available global IP addresses on the Internet is because of overloading (PAT).

Static NAT Configuration Let’s take a look at a simple example of a basic static NAT configuration: ip nat inside source static 10.1.1.1 170.46.2.2 ! interface Ethernet0 ip address 10.1.1.10 255.255.255.0 ip nat inside interface Serial0 ip address 170.46.2.1 255.255.255.0 ip nat outside In the preceding router output, the ip nat inside source command identifies which IP addresses will be translated. In this configuration example, the ip nat inside source command configures a static translation between the inside local IP address 10.1.1.1 to the outside global IP address 170.46.2.2.

Dynamic NAT Configuration Basically, dynamic NAT really means we have a pool of addresses that we’ll use to provide real IP addresses to a group of users on the inside. Because we don’t use port numbers, we must have real IP addresses for every user who’s trying to get outside the local network simultaneously. Here is a sample output of a dynamic NAT configuration: ip nat pool todd 170.168.2.3 170.168.2.254 netmask 255.255.255.0 ip nat inside source list 1 pool todd ! interface Ethernet0 ip address 10.1.1.10 255.255.255.0 ip nat inside interface Serial0 ip address 170.168.2.1 255.255.255.0 ip nat outside access-list 1 permit 10.1.1.0 0.0.0.255

PAT (Overloading) Configuration This is the typical form of NAT that we would use today. It’s actually now rare to use static or dynamic NAT unless it is for something like statically mapping a server, for example. Here is a sample output of a PAT configuration: ip nat pool globalnet 170.168.2.1 170.168.2.1 netmask 255.255.255.0 ip nat inside source list 1 pool globalnet overload ! interface Ethernet0/0 ip address 10.1.1.10 255.255.255.0 ip nat inside interface Serial0/0 ip address 170.168.2.1 255.255.255.0 ip nat outside access-list 1 permit 10.1.1.0 0.0.0.255

Figure 13.4: NAT example To start, look at Figure 13.4 and ask yourself two things: Where would you implement NAT in this design, and what type of NAT would you configure? In Figure 13.4, the NAT configuration would be placed on the corporate router, just as I demonstrated with Figure 13.1, and the configuration would be dynamic NAT with overload (PAT).

Figure 13.5: Another NAT example In the next NAT example, refer to Figure 13.5 and see if you can come up with the configuration needed. Actually, two different answers would both work here, but the following would be my first choice based on the exam objectives: ip nat pool Todd 192.1.2.109 192.1.2.109 netmask 255.255.255.248 access-list 1 permit 192.168.10.64 0.0.0.63 ip nat inside source list 1 pool Todd overload

Written Labs and Review Questions Read through the Exam Essentials section together in class. Open your books and go through all the written labs and the review questions. Review the answers in class. 14