Scribd
Upload
104 views

Chapter 12 v.1

This document discusses Network Address Translation (NAT) and Port Address Translation (PAT). It explains that NAT allows multiple devices on a private network to share a single public IP address to access the internet. Static NAT provides a fixed translation, while Dynamic NAT uses pool of addresses. PAT translates internal addresses to a single external address by using the port number to differentiate connections. The document provides configuration commands for NAT and instructions for verifying and troubleshooting NAT operations.

Uploaded by

sujeet_hat
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
104 views

Chapter 12 v.1

This document discusses Network Address Translation (NAT) and Port Address Translation (PAT). It explains that NAT allows multiple devices on a private network to share a single public IP address to access the internet. Static NAT provides a fixed translation, while Dynamic NAT uses pool of addresses. PAT translates internal addresses to a single external address by using the port number to differentiate connections. The document provides configuration commands for NAT and instructions for verifying and troubleshooting NAT operations.

Uploaded by

sujeet_hat
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 21

NAT/PAT

Chapter 12
Chapter Objectives

 Explain Network Address Translation


 Explain Static NAT
 Explain Dynamic NAT
 Discuss Port Address Translation

Chapter 12 2
Recall - I
 Frame relay is a technology used for connecting
devices on a WAN
 Frame relay networks are multi-access networks
where more than two devices can be attached to the
network
 A Virtual Circuit (VC) represents the path on which
the frame travels
 LMI enables the DCE and DTE to exchange
information, including the information about virtual
circuits

Chapter 12 3
Recall - II
 The DLCI identifies a VC for the frame relay to
forward the frames to appropriate remote site when
multiple access list use the same access list
 Frame relay DLCI are locally significant, which
indicates that the addresses should be unique on
the local access link
 Frame relay networks use Asynchronous Transfer
Mode (ATM) in the core of the frame relay network

Chapter 12 4
Network Address Translation (NAT)
 NAT-enabled router stores the details of private IP
addresses and the public IP address in a routing
table
 NAT overcomes the problem of lack of public IP
addresses
 It provides security from hackers by hiding
addresses
 Allows re-routing the requests to other servers in the
network if the request does not reach the destined
server

Chapter 12 5
Explaining Network Address
Translation (NAT)
 NAT operates on a router connecting two networks
 NAT is transparent to the source and destination
computers
 NAT operates at the Network layer (Layer 3) of the
OSI Reference Model because routers work at this
layer
 NAT is useful for network administration

Chapter 12 6
Working of NAT
 The inside network addresses are converted into
legal addresses before the packets are forwarded to
the other network
 Inside Local is the configured IP address assigned
to a host on the inside network

Chapter 12 7
Working of NAT
 Inside Global is the IP address of an inside host as it
appears to the outside network, is the “Translated IP
Address”
 Addresses can be allocated from a globally unique
address space provided by the Internet Service Provider
(ISP) if the enterprise is connected to the global Internet

Chapter 12 8
Outside Addressing

Chapter 12 9
NAT Implementation
 NAT is implemented on a network that requires few
addresses to access the Global Internet
 NAT is implemented using two techniques:
 Static Address Translation

 Dynamic Address Translation

Chapter 12 10
NAT Configuration Commands
 The NAT configuration commands include:
 Access-List

 ip nat pool

 ip nat inside source list pool

 ip nat outside source pool

 ip nat inside source static

 ip nat {inside | outside}

 ip nat inside destination list pool

Chapter 12 11
NAT Overlapping Address
Translation
 Assigning an IP address to a device in a network
and that address is a legal IP address of a device in
an outside network, it is referred as overlapping

Chapter 12 12
Verifying NAT Operations
 The commands that help you to verify the NAT
operations are:
 show ip nat translations [verbose]

 show ip nat statistics

Chapter 12 13
Static NAT
 Static NAT, also called inbound mapping, allows
connections initiated by external devices to
computers on the stub domain to take place in
specific circumstances
 Static NAT (inbound mapping) allows a computer on
the stub domain to maintain a specific address while
communicating with devices outside the network

Chapter 12 14
Port Address Translation
 The Port Address Translation (PAT) is used to
translate internal addresses to only one or a few
external addresses
 The PAT feature is also referred as “overload”,
which is a subset of NAT functionality
 In a PAT implemented network, the address
translation device (router) assigns same IP address
to all the devices
 The source port number enables you to differentiate
the connections in the network

Chapter 12 15
Port Address Translation
 Two devices in the network having the same source port
number, the router changes the port number of one
device to make it unique
 The total number of port numbers can theoretically be as
high as 65,536 per IP address

Chapter 12 16
Concept of PAT

Chapter 12 17
Summary - I
 NAT operates at the Network layer (Layer 3) of the
OSI Reference Model because this is the layer at
which routers work
 You can configure, verify and troubleshoot NAT and
PAT on an interface
 To configure Static NAT, you can configure the
router for IP routing and IP addressing

Chapter 12 18
Summary - II
 To verify NAT use the following commands:
 show ip nat translations [verbose] -

Displays active translations


 show ip nat - Displays translation statistics

 To troubleshoot NAT, you can use the debug ip nat


[list | detailed] command. This command allows you
to trace the NAT operation by displaying a line of
output for each packet that gets translated

Chapter 12 19
Summary - III
 To clear NAT translation use the following commands:
 clear ip nat translation - Clears all translation

entries
 clear ip nat translation inside global-ip

local-ip [ outsidelocal-ip globalip] - Clears a


simple translation entry containing an inside translation or
both an inside and outside translation
 clear ip nat translation outside local-ip

global-ip - Clears a simple translation entry containing


an outside translation
 clear ip nat translation protocol inside -

Enables you to clear an extended entry (in its various forms)

Chapter 12 20
Summary - IV
 To monitor PAT, you can use the show ip pat
command to display PAT statistics and the currently
active translated sessions

Chapter 12 21

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy