Kh

oa

CN

TT

1/11

PH

ẠM

VĂ

N T

ÍNH

01-2

004

Scaling Networks Scaling Networks

with NAT and PATwith NAT and PAT

TS, PHẠM VĂN TÍNHTS, PHẠM VĂN TÍNH

Scaling IP AddressesScaling IP Addresses

Kh

oa

CN

TT

2/11

PH

ẠM

VĂ

N T

ÍNH

01-2

004

ObjectiveObjective

Identify private IP addresses as described in RFC 1918

Discuss characteristics of NAT and PAT Explain the benefits of NAT Explain how to configure NAT and PAT,

including static translation, dynamic translation, and overloading

Identify the commands used to verify NAT and PAT configuration

List the steps used to troubleshoot NAT and PAT configuration

Discuss the advantages and disadvantages of NAT

Kh

oa

CN

TT

3/11

PH

ẠM

VĂ

N T

ÍNH

01-2

004

Private addressesPrivate addresses

• NAT provides great benefits to individual companies and the Internet.

• Before NAT, a host with a private address could not access the Internet.

• Using NAT, individual companies can address some or all of their hosts with private addresses and use NAT to provide access the Internet.

Kh

oa

CN

TT

4/11

PH

ẠM

VĂ

N T

ÍNH

01-2

004

Introducing NAT and PATIntroducing NAT and PAT

• NAT enable networks to use private IP addresses on internal networks. These private, internal addresses are translated to routable, public addresses.

• A NAT enabled device typically operates at the border of a stub network. A stub network is a network that has a single connection to its neighbor network

• Cisco defines the following NAT terms:

– Inside local address – The IP address assigned to a host on the inside network. This address is likely to be an RFC 1918 private address.

– Inside global address – A legitimate IP address assigned by the NIC or service provider (public address).

–Outside local address – The IP address of an outside host as it is known to the hosts on the inside network.

–Outside global address – The IP address assigned to a host on the outside network. The owner of the host assigns this address.

Kh

oa

CN

TT

5/11

PH

ẠM

VĂ

N T

ÍNH

01-2

004

Major NAT and PAT featuresMajor NAT and PAT features

• Static NAT is designed to allow one-to-one mapping of local and global addresses.

• Dynamic NAT is designed to map a private IP address to a public address. Any IP address from a pool of public IP addresses is assigned to a network host.

• Overloading, or Port Address Translation (PAT), maps multiple private IP addresses to a single public IP address. Multiple addresses can be mapped to a single address because each private address is tracked by a port number.

• PAT uses unique source port numbers on the inside global IP address to distinguish between translations.

Kh

oa

CN

TT

6/11

PH

ẠM

VĂ

N T

ÍNH

01-2

004

Configuring Static NATConfiguring Static NAT

Router(config)#ip nat inside source static local-ip global-ip

Router(config-if)#ip nat inside

Router(config-if)#ip nat outside

Kh

oa

CN

TT

7/11

PH

ẠM

VĂ

N T

ÍNH

01-2

004

Configuring Static NATConfiguring Static NAT

Kh

oa

CN

TT

8/11

PH

ẠM

VĂ

N T

ÍNH

01-2

004

Configuring Dynamic NATConfiguring Dynamic NAT

Kh

oa

CN

TT

9/11

PH

ẠM

VĂ

N T

ÍNH

01-2

004

Configuring PATConfiguring PAT

Kh

oa

CN

TT

10/1

1P

HẠ

M V

ĂN

TÍN

H01

-200

4

Configuring PATConfiguring PAT

Kh

oa

CN

TT

11/1

1P

HẠ

M V

ĂN

TÍN

H01

-200

4

Verifying NAT and PAT configurationVerifying NAT and PAT configuration

Kh

oa

CN

TT

12/1

1P

HẠ

M V

ĂN

TÍN

H01

-200

4

Verifying NAT and PAT configurationVerifying NAT and PAT configuration

Kh

oa

CN

TT

13/1

1P

HẠ

M V

ĂN

TÍN

H01

-200

4

Troubleshooting NAT and PAT Troubleshooting NAT and PAT configurationconfiguration