Upload File

nat pat overview

22
NAT (Network Address Translation)

Upload: franklin-centeno

Post on 31-Dec-2015

26 views

Category:

Documents


6 download

Report

Tags:

TRANSCRIPT

Page 1: NAT PAT Overview

NAT (Network Address Translation)

Page 2: NAT PAT Overview

Private addressing

• 172.16.0.0 – 172.31.255.255: 172.16.0.0/12 – ¿De donde viene /12

12 bits in common

10101100 . 00010000 . 00000000 . 00000000 – 172.16.0.0

10101100 . 00011111 . 11111111 . 11111111 – 172.16.255.255

-------------------------------------------------------------

10101100 . 00010000 . 00000000 . 00000000 – 172.16.0.0/12

Page 3: NAT PAT Overview

Introducing NAT and PAT

• NAT se diseño para conservar las direcciones IP y habilitar a las redes a usar direcciones privadas en las redes internas.

• Esas direcciones privadas internas, son traducidas a direcciones publicas ruteables. • NAT,como lo define el RFC 1631, es el proceso de reemplazo de una direccion IP

por otra en la cabecera IP. • En la practica, NAT es usado para permitir a los hosts que son identificadas

privadamente acceder a Internet. • La traduccion NAT puede ocurrir estaticamente o dinamicamente. • La caracteristica mas resaltante de los ruteadores NAT es su capacidad de usar port

address translation (PAT), el cual permite a multiples direcciones internas mapear a las mismas direcciones globales.

• Esto es algunas veces NAT muchos a uno.

Page 4: NAT PAT Overview

NAT Example

• Inside local address – La direccion IP asignada a un host en la red interna. Esta direccion es una direccion segun el RFC 1918 (direcciones privadas).

• Inside global address – Una direccion IP legitima (ruteable en internet o publica )direcciones IP asignadas por el ISP que representan a una o mas direcciones IP locales internas ante el mundo externo.

• Outside local address – La direccion IP de un host externo como este es conocido por los host en la red interna.

Page 5: NAT PAT Overview

NAT Example

128.23.2.2 10.0.0.3 .... Data

DA SA

IP Header

128.23.2.2 179.9.8.80 .... Data

DA SA

IP Header• La traduccion de direcciones IP privadas a direcciones IP publicas.

1 2

1

2

Page 6: NAT PAT Overview

NAT Example

• Inside local address – La direccion IP asignada a un host en la red interna.

• Inside global address – Una direccion IP legitima asignada por el proveedor del servicio.

• Outside global address – La direccion IP asignada a un host en la red externa. Los propietarios del host asignan esta direccion.

1 2

Page 7: NAT PAT Overview

NAT Example

• Traduccion de retorno, de la direccion IP publica a la direccion IP privada.

179.9.8.80 128.23.2.2 .... Data

DA SA

IP Header

10.0.0.3 128 .23.2.2 .... Data

DA SA

IP Header

34

34

Page 8: NAT PAT Overview

NAT Example

• NAT permite tener mas direcciones IP que las asignadas, mediante el RFC 1918.

• Sin embargo, debido a que tiene que usar direcciones IP publicas para la internet, NAT limita el numero de host que puede tener acceso a Internet a uno a la vez (dependiendo el numero de host en su mascara de red publica).

Page 9: NAT PAT Overview

PAT – Port Address Translation

• PAT (Port Address Translation)permite usar una unica direccion publica y asignar hasta 65536 hosts internos (4000 es mas realista).

• PAT modifica el puerto origen TCP/UDP para el seguimiento de la direccion de host interna.

• El seguimiento y traduccion SA, DA y SP (los cuales identifican de manera unica cada conexion) para cada flujo de datos.

Page 10: NAT PAT Overview

PAT Example

128.23.2.2 10.0.0.3 80 1331 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

128.23.2.2 10.0.0.2 80 1555 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

128.23.2.2 179.9.8.80 80 3333 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

128.23.2.2 179.9.8.80 80 2222 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

NAT/PAT table maintains translation of:

DA, SA, SP

1 2

Page 11: NAT PAT Overview

PAT Example

179.9.8.80 128.23.2.2 3333 80 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

179.9.8.80 128.23.2.2 2222 80 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

10.0.0.3 128.23.2.2 1331 80 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

10.0.0.2 128.23.2.2 1555 80 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

4 3

NAT/PAT table maintains translation of:

SA (DA), DA (SA), DP (SP)

Page 12: NAT PAT Overview

PAT – Port Address Translation

• Con PAT multiples direcciones IP privadas pueden ser traducidas a una unica direccion publica (many-to-one translation).

• Esto resuelve la limitacion de NAT, el cual hace una traduccion uno a uno.

Page 13: NAT PAT Overview

PAT – Port Address Translation

128.23.2.2 10.0.0.3 80 1331 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

128.23.2.2 10.0.0.2 80 1555 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

128.23.2.2 179.9.8.80 80 3333 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

128.23.2.2 179.9.8.80 80 2222 Data

DA SA

IP Header

DP SP

TCP/UDPHeader

1 2

Page 14: NAT PAT Overview

Configuring Static NAT

Page 15: NAT PAT Overview

Configuring Dynamic NAT

Translate to these outside addresses

Start here

Source IP address must match here

Page 16: NAT PAT Overview

Configure PAT – Overload

Page 17: NAT PAT Overview

Configure PAT – Overload

This is a different example, using the IP address of the outside interface instead specifying an IP address

Page 18: NAT PAT Overview

NAT/PAT Clear Commands

Page 19: NAT PAT Overview

Verifying NAT/PAT

Page 20: NAT PAT Overview

Troubleshooting NAT/PAT

Page 21: NAT PAT Overview

Issues with NAT/PAT

Page 22: NAT PAT Overview

PREGUNTAS


Network Address Translation€¦ · NAT (Network Address Translation)-RE BTS-SIO2 1 PAT (Port Address Translation) NAT - Objectif : Réaliser la traduction entre adresses privées

LANCOM LCOS 9 · General Feature Overview Firewall IPv4/IPv6 Stateful inspection, IP packet filter with port ranges, object-oriented rule definition. IPv4 Masking (NAT/PAT) of TCP,

March 2010 Overview of NAT and HIV Testing in the UK Deborah Jack, Chief Executive, NAT

Journey to IPv6 A Real-World deployment for Mobiles j...• CGN performs NAT/PAT 44 and NAT/PAT 64 PAT substantially reduces Public and Private IPv4 address demand, but does not prevent

day 17.1 nat pat .PPT

Nat Overview Cli 8.3

Nat and Pat - speldsa.org.au

Configuring NAT and PAT Chapter 18 powered by DJ 1

Chapter 11 - Nat Pat

ASA 8.3(x) Dynamic PAT with Two Internal …Create two NAT/PAT rules; this examples creates NAT rules for these network objects:OBJ_GENERIC_ALLOBJ_SPECIFIC_192-168-1-0 2. Add Network

IPv4 Services NAT/PAT

day 17.1 nat pat (2).ppt

Day 17.1 nat pat (2)

未命名 -1 Halal.pdf12.3 124 NAT NAT- NAT- 129 NAT- -132 NAT NAT- 133 -134 NAT NAT- 135 NAT. 137 NAT. NA NAT- 139 140 NAT. 141 142 NAT- NAT- 143 NAT- NAT 147 NAT- This certificate

Nat’s Cat DECODABLE • 25 A Reading A–Z Decodable Book …The fat cat liked to nap on Nat’s lap. If the fat cat wanted a pat, he would tap on Nat. Nat would pat him. Nat s Cat

Ch. 1 – Scaling IP Addresses NAT/PAT and DHCP CMPSC-358 (CCNA 4 ) Spring 2007

Seguridad en Las Redes Corporativas Mediante Nat y Pat

Network Address Translation (NAT)recom.blog.unq.edu.ar/wp-content/uploads/sites/50/2015/11/8... · NAT/PAT con IPCop. Port Forwarding. Port Forwarding Port Forwarding: Servicio que

NAT and PAT

Journey to IPv6: A Real-World deployment for Mobiles · IPv6 Implementation Centralised CGN pCGN performs NAT/PAT 44 and NAT/PAT 64 n PAT substantially reduces Public and Private

Practicas Nat Pat Dhcp Complementarias

ASA 8.4 - NAT Overview

SonicOS 4.0e NAT Load Balancing - SonicWallsoftware.sonicwall.com/...4.0_NAT_Load_Balancing_Feature_Module.pdf · Feature Overview 2 SonicOS Enhanced 4.0: NAT Load Balancing Please

ASA NAT PAT examples.pdf

Lab 1.1.6 Troubleshooting NAT and PAT – Instructor …itt.century.edu/.../pdf/knet-ESCJBTQpCAkxgVNw/CCNA4_lab_inst_1_1… · ... refer to Lab 1.1.4a Configuring NAT. Step 2 Save

General PAT Program Overview

Overview of PAT Scheme: Achievements and prospects

PAT et NAT

Ch. 1 – Scaling IP Addresses NAT/PAT and DHCP CCNA 4 version 3.0

Simulation of Routing in NAT, PAT and Inter VLAN Networkssdiwc.net/digital-library/web-admin/upload-pdf/00000956.pdf · Simulation of Routing in NAT, PAT and Inter_VLAN Networks Sulaiman

Ch. 1 – Scaling IP Addresses NAT/PAT and DHCP CCNA 4 version 3.0 Rick Graziani Cabrillo College

Scaling IP Addressescontents.kocw.net/KOCW/document/2016/wonkwang/jinchanyong/5.pdf · •Discuss characteristics of NAT and PAT ... NAT overload will work. ... –It is also the

NAT dan PAT

Subnetting, NAT & PAT

LCOS LANCOM Operating System Overview Firewall Stateful inspection, IP packet filter with port ranges, object-oriented rule definition. Masking (NAT/PAT) of TCP, UDP, ICMP, FTP, PPTP,