CCNA 4 v3.1 Module 1 Scaling IP Addresses

Objectives

Private Addressing

NAT A NAT-enabled device typically operates at the border of a stub network.

NAT Terms Inside Local Addresses – An IP address assigned to a host inside a network. This address is likely to be a RFC 1918 private address. Inside Global Address – A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP address to the outside world. Outside Local Address - The IP address of an outside host as it known to the hosts in the inside network. Outside Global Address - The IP address assigned to a host on the outside network. The owner of the host assigns this address.

NAT Features Static NAT is designed to allow one-to-one mapping of local and global addresses. Inside Outside http://179.9.8.10 10.0.0.10 DA 10.0.0.10 DA 179.9.8.10 Internet 179.9.8.10 10.0.0.10 179.9.8.80 10.0.0.2 Inside Global IP Address Inside Local IP Address NAT Table 10.0.0.2

NAT Features Dynamic NAT is designed to map a private IP address to a public address. Inside Outside 10.0.0.10 SA 179.8.9.80 Internet SA 10.0.0.2 179.9.8.10 10.0.0.10 179.9.8.80 10.0.0.2 Inside Global IP Address Inside Local IP Address NAT Table 10.0.0.2

PAT Features PAT uses unique source port numbers on the inside global IP address to distinguish between translations. Inside Outside 202.6.3.2 10.0.0.3 SA 179.9.8.80:1345 SA 10.0.0.3:2333 Internet SA 179.9.8.80:2333 179.9.8.80:2333 10.0.0.3:2333 179.9.8.80:1456 10.0.0.2:1456 Inside Global IP Address Inside Local IP Address NAT Table 126.23.2.2:80 202.6.3.2:80 Outside Global IP Address Outside Local IP Address SA 10.0.0.2:1456 126.23.2.2 10.0.0.2

NAT Benefits Eliminates re-assigning each host a new IP address when changing to a new ISP Eliminates the need to re-address all hosts that require external access, saving time and money Conserves addresses through application port-level multiplexing Protects network security

Configuring Static NAT Translations Static translation are entered directly into the configuration and are permanent in the translation table Router(config)#ip nat inside source static 10.6.1.20 171.69.68.10

Inside/Outside interface Inside Network Outside Network Inside Interface Outside Interface NAT Inside Host Outside Host ip nat inside ip nat outside Router(config-if)#ip nat inside An interface on the router can be defined as inside or outside Translations occur only from inside to outside interfaces or vice versa—never between the same type of interface What happens when a packet goes from an inside interface to an unmarked interface? No translation occurs. How about an unmarked interface to an outside interface? Again, no translation occurs. Translations only occur when going from an inside interface to an outside interface or vice versa. I want to caution you about the significance of inside and outside. If you use this with inside local and outside local you will get confused. What you want to walk away with here is that a translation will only occur when going from inside to outside or vice versa. The only other place where inside and outside interface definitions are significant is which side can produce a new translation. For “ip nat inside source …” tells you that packets received on the inside interface can create new translation entry. DO NOT USE the inside and outside interfaces to explain Inside local and outside local!

Configuring Static NAT

Dynamic Translations Dynamic translation specify the pool of global addresses that inside addresses can be translated into Router(config)#ip nat pool nat-pool 179.9.8.80 179.9.8.95 netmask 255.255.255.240 Dynamic translations use access lists to identify IP addresses that NAT should create translations for Router(config)#ip nat inside source list 1 pool nat-pool Router(config)#access-list 1 permit 10.0.0.0 0.0.255.255

Configuring Dynamic NAT

Configuring PAT Establishes overload translation, specifying the IP address to be overloaded as that assigned to an outside interface Router(config)#ip nat inside source list 1 interface serial0/0 overload Establishes overload translation, specifying the IP address to be overloaded as that assigned to a pool name Router(config)# ip nat pool nat-pool2 179.9.8.20 netmask 255.255.255.240 Router(config)#ip nat inside source list 1 pool nat-pool2 overload

Configuring PAT

Clearing the NAT Translation Table Router#clear ip nat translation * Clears all dynamic address translation entries

Verifying NAT and PAT Configuration

Troubleshooting NAT and PAT

Issues With NAT

DHCP DHCP works by providing a process for a server to allocate the IP information to clients.

DHCP Clients lease the information from the server for an administratively defined period.

BOOTP and DHCP Differences DHCP defines mechanisms through which clients can be assigned an IP address for a finite lease period. This lease period allows for re-assignment of the IP address to another client later, or for the client to get another assignment, if the client moves to another subnet. Clients may also renew leases and keep the same IP address. DHCP provides the mechanism for a client to gather other IP configuration parameters, such as WINS and domain name.

Major DHCP Features Automatic Allocation Manual Allocation Dynamic Allocation

DHCP Operation

The Order of DHCP Messages Transmitting

Configuring DHCP

Configuring DHCP While Excluding IP

Verifying DHCP

Troubleshooting DHCP

DHCP Relay

Summary