1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 4 v3.0 Module 1 Scaling IP Addresses

222 © 2003, Cisco Systems, Inc. All rights reserved. Objectives Scaling networks with Network Address Translation and Port Address Translation Dynamic Host Configuration Protocol

333 © 2003, Cisco Systems, Inc. All rights reserved. IP Address Allocation Public Internet addresses must be registered by a company with an Internet authority such as: –American Registry for Internet Numbers (ARIN) –Réseaux IP Européennes (RIPE) –Regional Internet Registry (RIR) These public Internet addresses can also be leased from an ISP. –It has become more common to purchase a public address space from an ISP along with your Internet connection.

444 © 2003, Cisco Systems, Inc. All rights reserved. Problems with Public Address Space Public addresses cost money. You are limited to a smaller address space. –Example: /27, /28 or /29 32 addresses, 16 addresses or 8 addresses Your network address space is open to the public. Solution: Network Address Translation!

555 © 2003, Cisco Systems, Inc. All rights reserved. Network Address Translation (NAT) Network Address Translation is the exchange of private addresses (RFC 1918 addresses) for public addresses. Private address are also known as non-routable addresses because they are not allowed on the public Internet.

666 © 2003, Cisco Systems, Inc. All rights reserved. Why NAT??? -- Why Not??? Without NAT the rapid growth of the Internet would exhaust the IP addresses supplied by IPv4. NAT allows for the use of private addresses on the inside interfaces of the router and public addresses on the outside interfaces of the router. NAT also hides your inside addressing scheme from the outside world. NAT also allows for a far greater address space then that allocated by your ISP.

777 © 2003, Cisco Systems, Inc. All rights reserved. NAT A NAT-enabled device typically operates at the border of a stub network. The ISP will typically set a static route back to your public network The connection between your outside interface and the ISP is not generally considered part of your public network Inside Network Outside Network / /27

888 © 2003, Cisco Systems, Inc. All rights reserved. NAT Terms Inside Local Addresses – An IP address assigned to a host inside a network. This address is likely to be a RFC 1918 private address. Inside Global Address – A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP address to the outside world. Outside Local Address - The IP address of an outside host as it known to the hosts in the inside network. Outside Global Address - The IP address assigned to a host on the outside network. The owner of the host assigns this address.

999 © 2003, Cisco Systems, Inc. All rights reserved. NAT Features Static NAT is designed to allow one-to-one mapping of local and global addresses. Dynamic NAT is designed to map a range of private IP addresses to a range of public addresses.

10 © 2003, Cisco Systems, Inc. All rights reserved. PAT Features – ‘overload’ PAT uses unique source port numbers on the inside global IP address to distinguish between translations. PAT will attempt to preserve the original source port. If this source port is already used, PAT will assign the first available port number

11 © 2003, Cisco Systems, Inc. All rights reserved. NAT Benefits Eliminates re-assigning each host a new IP address when changing to a new ISP Eliminates the need to re-address all hosts that require external access, saving time and money Conserves addresses through application port-level multiplexing Protects network security

12 © 2003, Cisco Systems, Inc. All rights reserved. Configuring NAT and PAT

13 © 2003, Cisco Systems, Inc. All rights reserved. Configuring NAT – Static NAT

14 © 2003, Cisco Systems, Inc. All rights reserved. Configuring NAT – Dynamic NAT ip nat pool netmask Or ip nat pool prefix-length 24 access-list 92 permit ip nat inside source list 92 pool [overload] interface e0 ip nat inside interface e1 ip nat inside interface s0 ip nat outside

15 © 2003, Cisco Systems, Inc. All rights reserved. Configuring PAT A standard access list will specify the range of inside addresses that should be NATed

16 © 2003, Cisco Systems, Inc. All rights reserved. Verifying NAT and PAT Configuration

17 © 2003, Cisco Systems, Inc. All rights reserved. Troubleshooting NAT and PAT

18 © 2003, Cisco Systems, Inc. All rights reserved. Issues With NAT

19 © 2003, Cisco Systems, Inc. All rights reserved. DHCP DHCP works by providing a process for a server to allocate the IP information to clients. Clients lease the information from the server for an administratively defined period.

20 © 2003, Cisco Systems, Inc. All rights reserved. BOOTP and DHCP Differences DHCP defines mechanisms through which clients can be assigned an IP address for a finite lease period. –This lease period allows for re-assignment of the IP address to another client later, or for the client to get another assignment, if the client moves to another subnet. –Clients may also renew leases and keep the same IP address. –DHCP provides the mechanism for a client to gather other IP configuration parameters, such as WINS and domain name.

21 © 2003, Cisco Systems, Inc. All rights reserved. DHCP Operation

22 © 2003, Cisco Systems, Inc. All rights reserved. The Order of DHCP Messages Transmitting

23 © 2003, Cisco Systems, Inc. All rights reserved. Configuring DHCP

24 © 2003, Cisco Systems, Inc. All rights reserved. Configuring DHCP While Excluding IP

25 © 2003, Cisco Systems, Inc. All rights reserved. Verifying DHCP

26 © 2003, Cisco Systems, Inc. All rights reserved. Troubleshooting DHCP

27 © 2003, Cisco Systems, Inc. All rights reserved. DHCP Relay The command is: ip helper-address A.B.C.D