Andrew Smith
NAT and DHCP (Network Address Translation and Dynamic Host Configuration Protocol)
This session will cover
• The sharing of one (or a few) IP addresses by translation
• Reduction of demand for ‘internet’ IP addresses
• The automatic issue of IP addresses to a host on a large scale system, without the need to configure the host
We will be working on a derivation of the standard WAN Mesh used in all Day Schools
NAT (Network Address Translation)
• Used to aggregate (collect) a range of addresses, usually private, into one (or a few) externally recognisable addresses
NAT (Network Address Translation)
• Cisco defines the following NAT terms:
– Inside local address – The IP address assigned to a host on the inside network. The address is usually not an IP address assigned by the Internet Network Information Center (InterNIC) or service provider. This address is likely to be an RFC 1918 private address.
– Inside global address – A legitimate IP address assigned by the InterNIC or service provider that represents one or more inside local IP addresses to the outside world.
– Outside local address – The IP address of an outside host as it is known to the hosts on the inside network.
– Outside global address – The IP address assigned to a host on the outside network. The owner of the host assigns this address.
NAT (Network Address Translation)
[Diagram: inside local address 10.x.x.x is translated as inside global address 103.0.2.9; outside global address 128.23.2.2 is seen as 10.254.254.254 by the local hosts]
NAT (Network Address Translation)
• Normally NAT will translate a range of addresses to a network
• For example, you could have 10.x.x.x translated to 101.1.1.1 – 101.1.1.5
• PAT (Port Address Translation) uses one address and sends each connection on a new (unique) TCP port, with a potential of 65535, though most systems (routers) can only cope with 2000
• This means 10.x.x.x, 172.16.x.x or 192.168.x.x can be translated through one address; most of your ADSL/Broadband routers do this
NAT (Network Address Translation)
• Static translation, the creation of a 1:1 relationship between an external and an internal address, completed when you have an externally facing server (like mail or web) on a NAT translated network
• Dynamic translation, when a host is allocated an address or ‘port’ via NAT/PAT
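The PAT and static/dynamic translation slides above, modelled as a small translation table. This is an added example, not part of the original slides or of any router's code; the class and function names are hypothetical, 172.16.0.0/24 and 103.0.2.9 are taken from the slides, and the static mapping to 103.0.2.10 and the sequential port allocation are assumptions.

```python
import ipaddress

class PatRouter:
    """Toy NAT table: dynamic PAT onto one inside global address plus static 1:1 entries."""

    def __init__(self, inside_global, inside_net, max_entries=2000, first_port=1024):
        self.inside_global = inside_global
        self.inside_net = ipaddress.ip_network(inside_net)   # what the access list permits
        self.max_entries = max_entries        # slide: most routers cope with about 2000
        self.next_port = first_port           # assumption: ports are handed out in sequence
        self.out = {}      # (proto, inside local ip, port) -> port on the inside global address
        self.back = {}     # (proto, global port) -> (inside local ip, port)
        self.static = {}   # inside global ip -> inside local ip

    def add_static(self, inside_local, inside_global):
        self.static[inside_global] = inside_local

    def outbound(self, proto, src_ip, src_port):
        """Source (ip, port) the outside network sees, or None if not translated."""
        if ipaddress.ip_address(src_ip) not in self.inside_net:
            return None
        for global_ip, local_ip in self.static.items():
            if local_ip == src_ip:
                return (global_ip, src_port)      # static: only the address changes
        key = (proto, src_ip, src_port)
        if key not in self.out:
            if len(self.out) >= self.max_entries or self.next_port > 65535:
                raise RuntimeError("translation table full")
            self.out[key] = self.next_port
            self.back[(proto, self.next_port)] = (src_ip, src_port)
            self.next_port += 1
        return (self.inside_global, self.out[key])

    def inbound(self, proto, dst_ip, dst_port):
        """Inside local (ip, port) for a packet from outside, or None (dropped)."""
        if dst_ip in self.static:
            return (self.static[dst_ip], dst_port)
        return self.back.get((proto, dst_port)) if dst_ip == self.inside_global else None

def demo():
    r = PatRouter("103.0.2.9", "172.16.0.0/24")            # addresses taken from the slides
    r.add_static("172.16.0.2", "103.0.2.10")              # constructed static mapping
    a = r.outbound("tcp", "172.16.0.11", 50000)
    b = r.outbound("tcp", "172.16.0.12", 50000)            # same source port, different host
    return a, b, r.inbound("tcp", "103.0.2.9", b[1]), r.inbound("tcp", "103.0.2.9", 4444)

if __name__ == "__main__":
    print(demo())
```

Two hosts using the same source port come out on different ports of the one shared address, and a packet from outside only gets back in if a dynamic entry or a static mapping matches it.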
DHCP (Dynamic Host Configuration Protocol)
• Allowing a ‘large’ or ‘small’ scale system to issue addresses to all hosts (from workstations to servers and printers) rather than the admin having to set the IP address on each device.
• The address is leased, for a defined period of time.
• Your ISP may do this, your ADSL/Broadband router may do this
DHCP (Dynamic Host Configuration Protocol)
• Done using UDP, on ports 67 (DHCP server) and 68 (DHCP host)
• The host must receive
– An issued IP address
– The Default Gateway address (which may also be the router, but please be aware a DHCP server can run autonomously)
– Subnet mask
– DNS server address, which may be internal or externally available
• WINS, Domain name and other parameters can also be issued
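The parameters listed above travel as fixed fields and numbered options inside the DHCP reply that the server sends from UDP port 67 to port 68. The parser below is an added example, not part of the original slides: the function names are hypothetical, and the sample DHCPACK is constructed from the addresses in the slides' DHCP pool, with an assumed client address of 172.16.0.11 and an assumed lease of 86400 seconds.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie that precedes the options
IP_OPTS = {1: "subnet_mask", 3: "default_gateway", 6: "dns_servers", 44: "wins_servers"}
REQUIRED = ("ip_address", "default_gateway", "subnet_mask", "dns_servers")

def _ips(raw):
    if not raw or len(raw) % 4:
        raise ValueError("malformed address option")
    return [str(ipaddress.ip_address(raw[i:i + 4])) for i in range(0, len(raw), 4)]

def parse_reply(pkt):
    """Extract the parameters a DHCP server reply hands to the host."""
    if len(pkt) < 240 or pkt[0] != 2 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP server reply")
    info = {"ip_address": str(ipaddress.ip_address(pkt[16:20]))}   # yiaddr field
    i = 240
    while i < len(pkt) and pkt[i] != 255:          # 255 = end option
        if pkt[i] == 0:                            # 0 = pad, has no length byte
            i += 1
            continue
        if i + 2 > len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, val = pkt[i], pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + len(val)
        if code in IP_OPTS:
            info[IP_OPTS[code]] = _ips(val)        # address options are lists
        elif code == 15:
            info["domain_name"] = val.decode("ascii", "replace")
        elif code == 51 and len(val) == 4:
            info["lease_seconds"] = struct.unpack("!I", val)[0]
    return info

def missing_required(info):
    """Names from the slide's 'must receive' list that the reply did not carry."""
    return [k for k in REQUIRED if not info.get(k) or info[k] == "0.0.0.0"]

def sample_ack(with_dns=True):
    """Constructed DHCPACK using the addresses from the slides' pool."""
    ip = lambda s: ipaddress.ip_address(s).packed
    opt = lambda code, val: bytes([code, len(val)]) + val
    hdr = struct.pack("!4BIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0, bytes(4),
                      ip("172.16.0.11"), bytes(4), bytes(4), b"\x02\x00\x00\x00\x00\x01", b"", b"")
    opts = opt(53, b"\x05") + opt(1, ip("255.255.255.0")) + opt(3, ip("172.16.0.1"))
    if with_dns:
        opts += opt(6, ip("172.16.0.2"))
    opts += opt(15, b"widgetsrus.co.uk") + opt(44, ip("172.16.0.3")) + opt(51, struct.pack("!I", 86400))
    return hdr + MAGIC + opts + b"\xff"
```

`missing_required(parse_reply(...))` returns an empty list when the reply carries everything the host must receive, and names whatever a misconfigured pool left out.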
DHCP (Dynamic Host Configuration Protocol)
• Addresses may be issued by
– Automatic allocation – DHCP assigns a permanent IP address to a client.
– Manual allocation – The IP address for the client is assigned by the administrator. DHCP conveys the address to the client.
– Dynamic allocation – DHCP assigns, or leases, an IP address to the client for a limited period of time.
NAT and DHCP configuration
Please ensure your router(s) are configured as per the normal infrastructure
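NAT configuration
! Inside addresses allowed to be translated (172.16.0.0/24)
access-list 1 permit 172.16.0.0 0.0.0.255
! PAT: overload all matching hosts onto the address of the outside interface
ip nat inside source list 1 interface Serial0/0 overload
interface FastEthernet0/0
 ip nat inside
interface Serial0/0
 ip nat outside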
DHCP configuration
service dhcp
ip dhcp pool sanfranciscopool
 network 172.16.0.0 255.255.255.0
 default-router 172.16.0.1
 dns-server 172.16.0.2
 domain-name widgetsrus.co.uk
 netbios-name-server 172.16.0.3
 exit
! Keep .1 to .10 out of the pool (router and servers with fixed addresses)
ip dhcp excluded-address 172.16.0.1 172.16.0.10
Testing the configuration
To check DHCP
Run ‘ipconfig’ to check the DHCP address has been obtained
Run ‘ipconfig /release’ to remove an automatic address
Run ‘ipconfig /renew’ to receive a new DHCP leased address
To check NAT
You must ping the nearside interface on the far router from the host on the LAN
For example, from the computer on the Madrid LAN you must ‘ping 100.0.0.1 -t’; note the ‘-t’ means continuous (no timeout)
On each router, issue the ‘clear ip nat translation *’ command and the ‘show ip nat translations’ command