nat
TRANSCRIPT
![Page 1: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/1.jpg)
![Page 2: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/2.jpg)
• Natting means "Translation of private IP address into public IP address ".
• In order to communicate with internet we must have public IP address.
Address translation was originally developed to solve two problems:1. to handle a shortage of IPv4 addresses 2. hide network addressing schemes.
• Small companies typically get their public IP addresses directly from their ISPs, which have a limited number.
• Large companies can sometimes get their public IP addresses from a registration authority, such as the Internet Assigned Numbers Authority (IANA).
NETWORK ADDRESS TRANSLATION
![Page 3: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/3.jpg)
• Common devices that can perform address translation include firewalls, routers, and servers.
• Typically address translation is done at the perimeter of the network by either a firewall (more commonly) or a router.
• There are certain addresses in each class of IP address that are reserved for Private Networks. These addresses are called private addresses.
Class A 10.0.0.0 to 10.255.255.255Class B 172.16.0.0 to 172.31.255.255Class C 192.168.0.0 to 192.168.255.255
![Page 4: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/4.jpg)
• Inside Local Addresses – An IP address assigned to a host inside a network. This address is likely to be a RFC 1918 private address
• Inside Global Address – A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP address to the outside world.
• Outside Local Address - The IP address of an outside host as it known to the hosts in the inside network.
• Outside Global Address - The IP address assigned to a host on the outside network. The owner of the host assigns this address.
![Page 5: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/5.jpg)
• Types of NAT:-
1. Dynamic NAT2. Static NAT3. PAT
![Page 6: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/6.jpg)
• This type of NAT is designed to allow one-to-one mapping between local and global addresses.
• Keep in mind that the static version requires you to have one real Internet IP address for every host on your network..
Syntax: (Config)# IP nat inside source static <privateIP>
<public IP>
Implementation : (Config) # interface s0(Config-if)# ip nat outside (Config)# interface e0(Config-if)# ip nat inside
Static NAT
![Page 7: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/7.jpg)
• This version gives you the ability to map an unregistered IP address to a registered IP address from out of a pool of registered IP addresses.
• You don’t have to statically configure your router to map an inside to an outside address as you would using static NAT,
• but you do have to have enough real IP addresses for everyone who’s going to be sending packets to and receiving them from the Internet.
Dynamic NAT
![Page 8: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/8.jpg)
Syntax :(Config)# access-list < NO> permit <net.ID> <WCM>
(Config)# ip nat inside pool <name> <starting Pub IP>
<end Pub IP> netmask <mask>
(Config)# ip nat inside source list <Aclno> pool <name>
Implementation : (Config) # interface s0(Config-if) # ip nat outside (Config) # interface e0(Config-if) # ip nat inside
Dynamic NAT
![Page 9: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/9.jpg)
• This is the most popular type of NAT configuration.
• overloading really is a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address—many-to-one—by using different ports.
• It is also known as Port Address Translation (PAT)
• by using PAT (NAT Overload), you get to have thousands of users connect to the Internet using only one real global IP address.
• NAT Overload is the real reason we haven’t run out of valid IP address on the Internet
Dynamic NAT Overload
![Page 10: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/10.jpg)
Syntax :(Config)# access-list < NO> permit <net.ID> <WCM>
(Config)# ip nat inside pool <name> <starting Pub IP>
<end Pub IP> netmask <mask>
(Config)#ip nat inside source list <Aclno> pool <name> overlaod
Implementation : (Config) # interface s0(Config-if) # ip nat outside (Config) # interface e0(Config-if) # ip nat inside
Dynamic NAT Overload
![Page 11: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/11.jpg)
![Page 12: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/12.jpg)
![Page 13: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/13.jpg)
![Page 14: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/14.jpg)
![Page 15: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/15.jpg)
![Page 16: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/16.jpg)
![Page 17: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/17.jpg)
![Page 18: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/18.jpg)
![Page 19: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/19.jpg)
![Page 20: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/20.jpg)
![Page 21: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/21.jpg)
![Page 22: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/22.jpg)
![Page 23: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/23.jpg)
![Page 24: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/24.jpg)
![Page 25: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/25.jpg)
![Page 26: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/26.jpg)
![Page 27: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/27.jpg)
![Page 28: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/28.jpg)
![Page 29: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/29.jpg)
![Page 30: Nat](https://reader035.vdocument.in/reader035/viewer/2022062307/5584595ad8b42a5b0a8b523d/html5/thumbnails/30.jpg)