1. 1 Pertemuan 14 Scaling Networks with NAT and PAT

2. Discussion Topics Private addressing Introducing NAT and PAT Major NAT and PAT features Configuring NAT and PAT Verifying PAT configuration Troubleshooting NAT and PAT configuration Issues with NAT 2

3. Private Addressing

4. NAT A NAT-enabled device typically operates at the border of a stub network.

5. NAT Terms Inside Local Addresses – An IP address assigned to a host inside a network. This address is likely to be a RFC 1918 private address. Inside Global Address – A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP address to the outside world. Outside Local Address - The IP address of an outside host as it known to the hosts in the inside network. Outside Global Address - The IP address assigned to a host on the outside network. The owner of the host assigns this address.

6. NAT Features Static NAT is designed to allow one-to-one mapping of local and global addresses. Outside 10.0.0.10 DA 179.9.8.10 Inside Internet 179.9.8.1010.0.0.10 179.9.8.8010.0.0.2 Inside Global IP Address Inside Local IP Address NAT Table 10.0.0.2 http://179.9.8.10 DA 10.0.0.10

7. NAT Features Dynamic NAT is designed to map a private IP address to a public address. Outside 10.0.0.10 Inside Internet 179.9.8.1010.0.0.10 179.9.8.8010.0.0.2 Inside Global IP Address Inside Local IP Address NAT Table 10.0.0.2 SA 10.0.0.2 SA 179.8.9.80

8. PAT Features PAT uses unique source port numbers on the inside global IP address to distinguish between translations. SA 10.0.0.3:2333 Outside Inside Internet 10.0.0.2 SA 10.0.0.2:1456 SA 179.9.8.80:1345 10.0.0.3 179.9.8.80:233310.0.0.3:2333 179.9.8.80:145610.0.0.2:1456 Inside Global IP Address Inside Local IP Address NAT Table 126.23.2.2:80 202.6.3.2:80 Outside Global IP Address Outside Local IP Address SA 179.9.8.80:2333 202.6.3.2 126.23.2.2

9. NAT Benefits Eliminates re-assigning each host a new IP address when changing to a new ISP Eliminates the need to re-address all hosts that require external access, saving time and money Conserves addresses through application port-level multiplexing Protects network security

10. Configuring Static NAT Translations Static translation are entered directly into the configuration and are permanent in the translation table Router(config)#ip nat inside source static 10.6.1.20 171.69.68.10

11. Inside/Outside interface An interface on the router can be defined as inside or outside Translations occur only from inside to outside interfaces or vice versa—never between the same type of interface NAT Inside Interface Inside Network Outside Network ip nat inside ip nat outside Inside Host Outside Host Router(config-if)#ip nat inside Outside Interface

12. Configuring Static NAT

13. Dynamic Translations Dynamic translation specify the pool of global addresses that inside addresses can be translated into Router(config)#ip nat pool nat-pool 179.9.8.80 179.9.8.95 netmask 255.255.255.240 Dynamic translations use access lists to identify IP addresses that NAT should create translations for Router(config)#ip nat inside source list 1 pool nat-pool Router(config)#access-list 1 permit 10.0.0.0 0.0.255.255

14. Configuring Dynamic NAT

15. Configuring PAT Establishes overload translation, specifying the IP address to be overloaded as that assigned to an outside interface Router(config)#ip nat inside source list 1 interface serial0/0 overload Establishes overload translation, specifying the IP address to be overloaded as that assigned to a pool name Router(config)# ip nat pool nat-pool2 179.9.8.20 netmask 255.255.255.240 Router(config)#ip nat inside source list 1 pool nat-pool2 overload

16. Configuring PAT

17. Clearing the NAT Translation Table Clears all dynamic address translation entries Router#clear ip nat translation *

18. Verifying NAT and PAT Configuration

19. Troubleshooting NAT and PAT

20. Issues With NAT