Upload
jeffry-montgomery
View
233
Download
0
Embed Size (px)
Citation preview
1
CCNA 4 v3.1 Module 1Scaling IP Addresses
222
Objectives
333
Private Addressing
444
NAT
• A NAT-enabled device typically operates at the border of a stub network.
555
NAT Terms
• Inside Local Addresses – An IP address assigned to a host inside a network. This address is likely to be a RFC 1918 private address.
• Inside Global Address – A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP address to the outside world.
• Outside Local Address - The IP address of an outside host as it known to the hosts in the inside network.
• Outside Global Address - The IP address assigned to a host on the outside network. The owner of the host assigns this address.
666
NAT Features
• Static NAT is designed to allow one-to-one mapping of local and global addresses.
Outside
10.0.0.10 DA
179.9.8.10
Inside
Internet
179.9.8.1010.0.0.10
179.9.8.8010.0.0.2
Inside Global IP Address
Inside Local IP Address
NAT Table10.0.0.2
http://179.9.8.10
DA
10.0.0.10
777
NAT Features
• Dynamic NAT is designed to map a private IP address to a public address.
Outside
10.0.0.10
Inside
Internet
179.9.8.1010.0.0.10
179.9.8.8010.0.0.2
Inside Global IP Address
Inside Local IP Address
NAT Table10.0.0.2
SA
10.0.0.2
SA
179.8.9.80
888
PAT Features
• PAT uses unique source port numbers on the inside global IP address to distinguish between translations.
SA
10.0.0.3:2333
Outside
Inside
Internet
10.0.0.2
SA
10.0.0.2:1456
SA
179.9.8.80:1345
10.0.0.3
179.9.8.80:233310.0.0.3:2333
179.9.8.80:145610.0.0.2:1456
Inside Global IP Address
Inside Local IP Address
NAT Table
126.23.2.2:80126.23.2.2:80
202.6.3.2:80202.6.3.2:80
Outside Global IP Address
Outside Local IP Address
SA
179.9.8.80:2333
202.6.3.2
126.23.2.2
999
NAT Benefits
• Eliminates re-assigning each host a new IP address when changing to a new ISP
• Eliminates the need to re-address all hosts that require external access, saving time and money
• Conserves addresses through application port-level multiplexing
• Protects network security
101010
Configuring Static NAT Translations
• Static translation are entered directly into the configuration and are permanent in the translation table
Router(config)#ip nat inside source static
10.6.1.20 171.69.68.10
111111
Inside/Outside interface
• An interface on the router can be defined as inside or outside
• Translations occur only from inside to outside interfaces or vice versa—never between the same type of interface
NATInside InterfaceInside
Interface
Inside Network Outside Network
ip nat inside ip nat outsideInside Host Outside Host
Router(config-if)#ip nat inside
Outside InterfaceOutside Interface
121212
Configuring Static NAT
131313
Dynamic Translations
• Dynamic translation specify the pool of global addresses that inside addresses can be translated into
Router(config)#ip nat pool nat-pool
179.9.8.80 179.9.8.95 netmask 255.255.255.240
• Dynamic translations use access lists to identify IP addresses that NAT should create translations for
Router(config)#ip nat inside source list 1 pool nat-pool
Router(config)#access-list 1 permit 10.0.0.0 0.0.255.255
141414
Configuring Dynamic NAT
151515
Configuring PAT
• Establishes overload translation, specifying the IP address to be overloaded as that assigned to an outside interface
Router(config)#ip nat inside source list 1
interface serial0/0 overload
• Establishes overload translation, specifying the IP address to be overloaded as that assigned to a pool name
Router(config)# ip nat pool nat-pool2 179.9.8.20
netmask 255.255.255.240
Router(config)#ip nat inside source list 1
pool nat-pool2 overload
161616
Configuring PAT
171717
Clearing the NAT Translation Table
• Clears all dynamic address translation entries
Router#clear ip nat translation *
181818
Verifying NAT and PAT Configuration
191919
Troubleshooting NAT and PAT
202020
Issues With NAT
212121
DHCP
• DHCP works by providing a process for a server to allocate the IP information to clients.
222222
• Clients lease the information from the server for an administratively defined period.
DHCP
232323
BOOTP and DHCP Differences
• DHCP defines mechanisms through which clients can be assigned an IP address for a finite lease period. This lease period allows for re-assignment of the IP address to another client later, or for the client to get another assignment, if the client moves to another subnet. Clients may also renew leases and keep the same IP address.
• DHCP provides the mechanism for a client to gather other IP configuration parameters, such as WINS and domain name.
242424
Major DHCP Features
• Automatic Allocation
• Manual Allocation
• Dynamic Allocation
252525
DHCP Operation
262626
The Order of DHCP Messages Transmitting
272727
Configuring DHCP
282828
Configuring DHCP While Excluding IP
292929
Verifying DHCP
303030
Troubleshooting DHCP
313131
DHCP Relay
323232
Summary