
NAT/PAT

Chapter 12

Release 16/07/2009 Jetking Infotrain Ltd.


Chapter Objectives

• Explain Network Address Translation
• Explain Static NAT
• Explain Dynamic NAT
• Discuss Port Address Translation



Recall - I
• Frame relay is a technology used for connecting devices on a WAN
• Frame relay networks are multi-access networks where more than two devices can be attached to the network
• A Virtual Circuit (VC) represents the path on which the frame travels
• LMI enables the DCE and DTE to exchange information, including the information about virtual circuits



Recall - II
• The DLCI identifies a VC so that the frame relay network can forward the frames to the appropriate remote site when multiple VCs use the same access link
• Frame relay DLCIs are locally significant, which indicates that the addresses should be unique on the local access link
• Frame relay networks use Asynchronous Transfer Mode (ATM) in the core of the frame relay network



Network Address Translation (NAT)
• A NAT-enabled router stores the details of private IP addresses and the public IP address in a routing table
• NAT overcomes the problem of lack of public IP addresses
• It provides security from hackers by hiding addresses
• It allows re-routing the requests to other servers in the network if the request does not reach the destined server



Explaining Network Address Translation (NAT)
• NAT operates on a router connecting two networks
• NAT is transparent to the source and destination computers
• NAT operates at the Network layer (Layer 3) of the OSI Reference Model because routers work at this layer
• NAT is useful for network administration



Working of NAT
• The inside network addresses are converted into legal addresses before the packets are forwarded to the other network
• Inside Local is the configured IP address assigned to a host on the inside network



Working of NAT
• Inside Global is the IP address of an inside host as it appears to the outside network; it is the “Translated IP Address”
• Addresses can be allocated from a globally unique address space provided by the Internet Service Provider (ISP) if the enterprise is connected to the global Internet



Outside Addressing



NAT Implementation
• NAT is implemented on a network that requires few addresses to access the Global Internet
• NAT is implemented using two techniques:
    • Static Address Translation
    • Dynamic Address Translation



NAT Configuration Commands
• The NAT configuration commands include:
    • access-list
    • ip nat pool
    • ip nat inside source list pool
    • ip nat outside source pool
    • ip nat inside source static
    • ip nat {inside | outside}
    • ip nat inside destination list pool



NAT Overlapping Address Translation
• When a device in a network is assigned an IP address that is also the legal IP address of a device in an outside network, it is referred to as overlapping



Verifying NAT Operations
• The commands that help you to verify the NAT operations are:
    • show ip nat translations [verbose]
    • show ip nat statistics



Static NAT
• Static NAT, also called inbound mapping, allows connections initiated by external devices to computers on the stub domain to take place in specific circumstances
• Static NAT (inbound mapping) allows a computer on the stub domain to maintain a specific address while communicating with devices outside the network



Port Address Translation
• Port Address Translation (PAT) is used to translate internal addresses to only one or a few external addresses
• The PAT feature is also referred to as “overload”, which is a subset of NAT functionality
• In a network where PAT is implemented, the address translation device (router) assigns the same IP address to all the devices
• The source port number enables you to differentiate the connections in the network



Port Address Translation
• When two devices in the network have the same source port number, the router changes the port number of one device to make it unique
• The total number of port numbers can theoretically be as high as 65,536 per IP address
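
An added example, not part of the original slides: a small Python audit of `show ip nat translations` output, the verification command listed earlier. It separates simple (address-only) entries such as static NAT mappings from extended PAT entries, reports where the router rewrote a source port to keep it unique, and counts the ports in use per inside global address. The sample output is constructed, the function names are illustrative, and non-verbose output is assumed.

```python
from collections import defaultdict

# Constructed sample in the column layout of "show ip nat translations".
# Addresses come from private and documentation ranges, for illustration only.
SAMPLE = """\
Pro Inside global      Inside local       Outside local      Outside global
tcp 203.0.113.1:1024   192.168.10.10:1024 198.51.100.7:80    198.51.100.7:80
tcp 203.0.113.1:1025   192.168.10.11:1024 198.51.100.7:80    198.51.100.7:80
udp 203.0.113.1:5353   192.168.10.12:5353 198.51.100.9:53    198.51.100.9:53
--- 203.0.113.5        192.168.10.5       ---                ---
"""

FIELDS = ("inside_global", "inside_local", "outside_local", "outside_global")

def split_endpoint(field):
    """'ip:port' -> (ip, port); bare 'ip' -> (ip, None); '---' -> (None, None)."""
    if field == "---":
        return None, None
    ip, _, port = field.partition(":")
    return ip, int(port) if port else None

def parse_translations(text):
    """Parse table rows into dicts; the header and blank lines are skipped."""
    entries = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) != 5:          # header splits into 9 tokens, data rows into 5
            continue
        entry = {"proto": cols[0]}
        entry.update({name: split_endpoint(col) for name, col in zip(FIELDS, cols[1:])})
        entries.append(entry)
    return entries

def audit(entries):
    """Summarise simple mappings, PAT port rewrites and ports in use per address."""
    simple, rewritten, ports = [], [], defaultdict(set)
    for e in entries:
        (g_ip, g_port), (l_ip, l_port) = e["inside_global"], e["inside_local"]
        if g_port is None and e["outside_global"][0] is None:
            simple.append((g_ip, l_ip))      # whole-address mapping, no peer pinned
        elif g_port is not None:
            ports[(g_ip, e["proto"])].add(g_port)
            if g_port != l_port:             # router changed the source port
                rewritten.append((l_ip, l_port, g_port))
    return {"simple": simple, "rewritten": rewritten,
            "ports_in_use": {k: len(v) for k, v in ports.items()}}

if __name__ == "__main__":
    for key, value in audit(parse_translations(SAMPLE)).items():
        print(key, value)
```

The simple entries are the ones to compare against the intended static mappings, since they map a whole address rather than a single session.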



Concept of PAT



Summary - I

• NAT operates at the Network layer (Layer 3) of the OSI Reference Model because this is the layer at which routers work
• You can configure, verify and troubleshoot NAT and PAT on an interface
• To configure Static NAT, you can configure the router for IP routing and IP addressing



Summary - II

• To verify NAT use the following commands:
    • show ip nat translations [verbose] - Displays active translations
    • show ip nat statistics - Displays translation statistics
• To troubleshoot NAT, you can use the debug ip nat [list | detailed] command. This command allows you to trace the NAT operation by displaying a line of output for each packet that gets translated



Summary - III
• To clear NAT translation use the following commands:
    • clear ip nat translation - Clears all translation entries
    • clear ip nat translation inside global-ip local-ip [outside local-ip global-ip] - Clears a simple translation entry containing an inside translation or both an inside and outside translation
    • clear ip nat translation outside local-ip global-ip - Clears a simple translation entry containing an outside translation
    • clear ip nat translation protocol inside - Enables you to clear an extended entry (in its various forms)



Summary - IV

• To monitor PAT, you can use the show ip pat command to display PAT statistics and the currently active translated sessions
