-
Where do you typically use NAT?
on a border router
-
What three situations would it be best to utilize NAT?
- If you need to connect to the internet and your hosts don't have globally unique IP addresses.
- You change to a new ISP that requires you to remember your network.
- You need to merge two intranets with duplicate addresses.
-
Describe NAT.
- native address translation
- network masquerading
- ip masquerading
- the process of rewriting the source/destination address of IP packets when they go through a router or firewall.
-
What is referred to as overloading?
a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address (many-to-one) by using different ports. Also known as PAT or Port Address Translation.
-
What are some disadvantages of NAT?
- Translation introduces switching path delays
- Loss of end-to-end IP traceability
- Certain applications will not function with NAT enabled
-
What are the advantages of using NAT?
- Conserves legally registered addresses.
- Reduces address overlap occurrence.
- Increases flexibility when connecting to internet.
- Eliminates address renumbering as network changes.
-
What is the most obvious advantage associated with NAT?
it allows you to conserve your legally registered address scheme.
-
Name of inside source address before translation?
inside local
-
Name of destination host before translation
outside local
-
Name of inside host after translation
inside global
-
Name of outside destination host after translation
outside global
-
What are NAT local addresses?
These are the addresses used before NAT translation.
-
What are NAT global addresses?
These are usually the public addresses used on the internet, but remember, you don't need public addresses if you aren't going on the internet.
-
Describe the basic NAT operation
- host sends an outbound packet to the border router configured with NAT
- the router identifies the IP address as an inside local IP address destined for an outside network
- translates the address
- documents the translation in the NAT table
- the packet is sent to the outside interface with the new translated source address
- the external host returns the packet to the destination host
- the NAT router translates the inside global IP address back to the inside local IP address
-
Describe how PAT works
- PAT uses overloading, all inside hosts get translated to one single IP address
- in addition to inside local IP address and outside global IP address, it also has port numbers.
- Port numbers help the router identify which host should receive the return traffic
-
What is dynamic NAT?
you have a pool of addresses that will be used to provide real IP addresses to a group of users on the inside
-
What is the command to view the basic IP address translation information?
show ip nat translation
-
What is the command to verify your NAT configuration?
debug ip nat
-
How do you clear your NAT entries from the translation table?
- clear ip nat translation
- use an asterisk (*) at the end of the command to clear all entries
-
What are the most common starting points for troubleshooting NAT problems?
- Check the dynamic pools: are they composed of the right scope of addresses?
- Check to see if any dynamic pools overlap.
- Check to see if the addresses used for static mapping and those in the dynamic pools overlap.
- Ensure that your access lists specify the correct addresses for translation.
- Make sure there aren't any addresses left out that need to be there, and ensure none are included that shouldn't be.
- Check to make sure that you've got both the inside and outside interfaces delimited properly.
-
How much memory does each NAT mapping utilize?
about 160 bytes
-
What command do you use to display a summary of the NAT configuration?
show ip nat statistics
-
What is known as the IG address?
any outside device's packet destination address that happens to be responding to any inside device
-
When an entry is placed into the NAT table the first time, a timer begins ticking; what is the duration of that timer known as?
translation timeout
-
What is Cisco's default translation timeout?
86,400 seconds (24 hours)
-
What command is used to change the translation timeout?
ip nat translation timeout
-
What happens when a timer expires?
the entry will be unceremoniously removed from the NAT table and the dynamically assigned address will be returned to the pool
-
When creating a pool of global addresses, which of the following can be used instead of the netmask command?
prefix-length