Scribd
Upload
9 views14 pages

Understanding NAT with PAT Configuration

Chapter 13 of the CCENT Study Guide covers Network Address Translation (NAT), its types, and configurations. It explains the purpose of NAT in conserving IP address space and details static, dynamic, and PAT (Port Address Translation) configurations. The chapter also includes practical examples and configurations for implementing NAT on routers.

Uploaded by

gaurav
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
9 views14 pages

Understanding NAT with PAT Configuration

Chapter 13 of the CCENT Study Guide covers Network Address Translation (NAT), its types, and configurations. It explains the purpose of NAT in conserving IP address space and details static, dynamic, and PAT (Port Address Translation) configurations. The chapter also includes practical examples and configurations for implementing NAT on routers.

Uploaded by

gaurav
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

CCENT Study Guide

Chapter 13
Network Address Translation
Chapter 13 Objectives
• The CCENT Topics Covered in this chapter
include:
• 4.0 Infrastructure Services
• 4.7 Configure, verify, and troubleshoot inside source NAT.
• 4.7.a Static
• 4.7.b Pool
• 4.7.c PAT
When Do We Use NAT?
Network Address Translation (NAT) is similar to Classless Inter-
Domain Routing (CIDR) in that the original intention for NAT was to
slow the depletion of available IP address space by allowing multiple
private IP addresses to be represented by a much smaller number of
public IP addresses.

Here’s a list of situations when NAT can be


especially helpful:
 When you need to connect to the Internet
and your hosts don’t have globally unique
IP addresses
 When you’ve changed to a new ISP that
requires you to renumber your network
 When you need to merge two intranets with
duplicate addresses
Figure 13.1: Where to
configure NAT

You typically use NAT on a border router. For


example, in Figure 13.1, NAT is used on the
Corporate router connected to the Internet.
Types of NAT
Static NAT
This type of NAT is designed to allow one-to-one mapping between local
and global addresses. Keep in mind that the static version requires you to
have one real Internet IP address for every host on your network.

Dynamic NAT
This version gives you the ability to map an unregistered IP address to a
registered IP address from out of a pool of registered IP addresses. You
don’t have to statically configure your router to map each inside address to
an individual outside address as you would using static NAT, but you do
have to have enough real, bona-fide IP addresses for everyone who’s going
to be sending packets to and receiving them from the Internet at the same
time.

Overloading
This is the most popular type of NAT configuration. Understand that
overloading really is a form of dynamic NAT that maps multiple
unregistered IP addresses to a single registered IP address (many-to-one)
by using different source ports. Now, why is this so special? Well, because
it’s also known as Port Address Translation (PAT), which is also
commonly referred to as NAT Overload. Using PAT allows you to permit
thousands of users to connect to the Internet
NAT Terms
Names Meaning

Inside local Source host inside address before translation—typically an RFC 1918 address

Outside local Address from which source host is known on the Internet. This is usually the
address of the router connected to ISP—the actual Internet address.

Inside global Source host address used after translation to get onto Internet. This is also the
actual Internet address.

Outside global Address of outside destination host and, again, the real Internet address
Figure 13.2: Basic NAT translation

In this figure, we can see host [Link] sending an Internet-bound packet to the
border router configured with NAT. The router identifies the source IP address
as an inside local IP address destined for an outside network, translates the
source IP address in the packet, and documents the translation in the NAT table.
The packet is sent to the outside interface with the new translated source
address. The external host returns the packet to the destination host, and the
NAT router translates the inside global IP address back to the inside local IP
address using the NAT table. This is as simple as it gets!
Figure 13.3: NAT overloading
example (PAT)

With PAT, all inside hosts get translated to one single IP address,
hence the term overloading. Again, the reason we’ve just run out
of available global IP addresses on the Internet is because of
overloading (PAT).
Static NAT Configuration

Let’s take a look at a simple example of a basic static NAT


configuration:
ip nat inside source static [Link] [Link]
!
interface Ethernet0
ip address [Link] [Link]
ip nat inside
!
interface Serial0
ip address [Link] [Link]
ip nat outside
!

In the preceding router output, the ip nat inside


source command identifies which IP addresses will be
translated. In this configuration example, the ip nat inside
source command configures a static translation between the
inside local IP address [Link] to the outside global IP address
[Link].
Dynamic NAT Configuration
Basically, dynamic NAT really means we have a pool of addresses
that we’ll use to provide real IP addresses to a group of users on the
inside. Because we don’t use port numbers, we must have real IP
addresses for every user who’s trying to get outside the local network
simultaneously.
Here is a sample output of a dynamic NAT configuration:
ip nat pool todd [Link] [Link]
netmask [Link]
ip nat inside source list 1 pool todd
!
interface Ethernet0
ip address [Link] [Link]
ip nat inside
!
interface Serial0
ip address [Link] [Link]
ip nat outside
!
access-list 1 permit [Link] [Link]
!
PAT (Overloading)
Configuration
This is the typical form of NAT that we would use today.
It’s actually now rare to use static or dynamic NAT unless it is
for something like statically mapping a server, for example.
Here is a sample output of a PAT configuration:
ip nat pool globalnet [Link] [Link]
netmask [Link]
ip nat inside source list 1 pool globalnet overload
!
interface Ethernet0/0
ip address [Link] [Link]
ip nat inside
!
interface Serial0/0
ip address [Link] [Link]
ip nat outside
!
access-list 1 permit [Link] [Link]
Figure 13.4: NAT example
To start, look at Figure 13.4 and ask yourself two things: Where
would you implement NAT in this design, and what type of NAT
would you configure?

In Figure 13.4, the NAT configuration would be


placed on the corporate router, just as I demonstrated
with Figure 13.1, and the configuration would be
dynamic NAT with overload (PAT).
Figure 13.5: Another NAT example
In the next NAT example, refer to Figure 13.5 and see if you can
come up with the configuration needed.

Actually, two different answers would both work here, but the following would
be my first choice based on the exam objectives:
ip nat pool Todd [Link] [Link] netmask
[Link]
access-list 1 permit [Link] [Link]
ip nat inside source list 1 pool Todd overload
Written Labs and Review
Questions
– Read through the Exam Essentials section
together in class.
– Open your books and go through all the
written labs and the review questions.
– Review the answers in class.

14

You might also like