The flashcards below were created by user
on FreezingBlue Flashcards.
Where do you typically use NAT?
on a border router
What three situations would it be best to utilize NAT?
- If you need to connect to the internet and your hosts don't have globaly unique IP addresses.
- You change to a new ISP that requires you to remember your network.
- You need to merge two intranets with duplicate addresses.
- native address translation
- network masquerading
- ip masquerading
- the process of rewriting the source/destination address of IP packets when they go through a router or firewall.
What is referred to overloading?
a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address ---many-to-one--- by using different ports. also known as PAT or Port Address Translation
What are some disadvantages of NAT?
- Translation introduces switching path delays
- Loss of end-to-end IP traceability
- Certain applications will not functioni with NAT enabled
What are the advantages of using NAT?
- Conserves legally registered addresses.
- Reduces address overlap occurrence.
- Increases flexibilitiy when connecting to internet.
- Eliminates address renumbering as network changes.
What is the most obvious advantage associated with NAT?
it allows you to conserve your legally registered address scheme.
Name of inside source address before translation?
Name of destination host before translation
Name of inside host after translation
Name of outside destination host after translation
What are NAT local addresses?
These are the addresses used before NAT translation.
What are NAT global addresses?
These are usually the public addresses used on the internet, but remember, you don't need public addresses if you aren't going on the internet.
Describe the basic NAT operation
- host sends an outbound packet to the border router configured with NAT
- the router identifies the IP address as an inside local IP address destined for an outside network
- translates the address
- documents the translation in the NAT table
- the packet is sent to the outside interfae with the new translated source address
- the external host returns the packet to the destination host
- the NAT router translates the inside global IP address back to the inside local IP address
Describe how PAT works
- PAT uses overloading, all inside hosts get translated to one single IP address
- in addition to inside local IP address and outside global IP address, it also has port numbers.
- Port numbers help the router identify which host should receive the return traffic
What is dynamic NAT?
you have a pool of addresses that will be used to provide real IP addresses to a group of users on the inside
What is the command to view the basic IP address translation information?
show ip nat translation
What is the command to verify your NAT configuration?
debug ip nat
How do you clear your NAT entries from the translation table?
- clear ip nat translation
- use an asterisk (*) at the end of the command to clear all entries
What are the the most common starting points for troubleshooting NAT problems?
- Check the dynamic pools--are they composed of the right scope of addresses
- Check to see if any dynamic pools overlap.
- Check to see if the addresses used for static mapping and those in the dynamic pools overlap.
- Ensure that your access lists specify the correct addresses for translation.
- Make sure there aren't any addresses left out that need to be there, and ensure none are included that shouldn't be.
- Check to make sure that you've got both the inside and outside interfaces delimited properly.
How much memory does each NAT mapping utilize?
about 160 bytes
What command do you use to display a summary of the NAT configuration?
show ip nat statistics
What is known as the IG address?
any outside device's packet destination address that happens to be responding to any inside device
When an entry is placed into the NAT table the first time, a timer begins ticking; what is the duration of that timer known as?
What is Cisco's default translation timeout?
86,400 seconds (24 hours)
What command is used to change the translation timeout?
ip nat translation timeout
What happens when a timer expires?
the entry will be unceremoniously removed from the NAT table and the dynamically assigned address will be returned to the pool
When creating a pool of global addresses, which of the following can be used instead of the netmask command?