Professional Documents
Culture Documents
Chapter 12 v.1
Chapter 12 v.1
Chapter 12
Chapter Objectives
Chapter 12 2
Recall - I
Frame relay is a technology used for connecting
devices on a WAN
Frame relay networks are multi-access networks
where more than two devices can be attached to the
network
A Virtual Circuit (VC) represents the path on which
the frame travels
LMI enables the DCE and DTE to exchange
information, including the information about virtual
circuits
Chapter 12 3
Recall - II
The DLCI identifies a VC for the frame relay to
forward the frames to appropriate remote site when
multiple access list use the same access list
Frame relay DLCI are locally significant, which
indicates that the addresses should be unique on
the local access link
Frame relay networks use Asynchronous Transfer
Mode (ATM) in the core of the frame relay network
Chapter 12 4
Network Address Translation (NAT)
NAT-enabled router stores the details of private IP
addresses and the public IP address in a routing
table
NAT overcomes the problem of lack of public IP
addresses
It provides security from hackers by hiding
addresses
Allows re-routing the requests to other servers in the
network if the request does not reach the destined
server
Chapter 12 5
Explaining Network Address
Translation (NAT)
NAT operates on a router connecting two networks
NAT is transparent to the source and destination
computers
NAT operates at the Network layer (Layer 3) of the
OSI Reference Model because routers work at this
layer
NAT is useful for network administration
Chapter 12 6
Working of NAT
The inside network addresses are converted into
legal addresses before the packets are forwarded to
the other network
Inside Local is the configured IP address assigned
to a host on the inside network
Chapter 12 7
Working of NAT
Inside Global is the IP address of an inside host as it
appears to the outside network, is the “Translated IP
Address”
Addresses can be allocated from a globally unique
address space provided by the Internet Service Provider
(ISP) if the enterprise is connected to the global Internet
Chapter 12 8
Outside Addressing
Chapter 12 9
NAT Implementation
NAT is implemented on a network that requires few
addresses to access the Global Internet
NAT is implemented using two techniques:
Static Address Translation
Chapter 12 10
NAT Configuration Commands
The NAT configuration commands include:
Access-List
ip nat pool
Chapter 12 11
NAT Overlapping Address
Translation
Assigning an IP address to a device in a network
and that address is a legal IP address of a device in
an outside network, it is referred as overlapping
Chapter 12 12
Verifying NAT Operations
The commands that help you to verify the NAT
operations are:
show ip nat translations [verbose]
Chapter 12 13
Static NAT
Static NAT, also called inbound mapping, allows
connections initiated by external devices to
computers on the stub domain to take place in
specific circumstances
Static NAT (inbound mapping) allows a computer on
the stub domain to maintain a specific address while
communicating with devices outside the network
Chapter 12 14
Port Address Translation
The Port Address Translation (PAT) is used to
translate internal addresses to only one or a few
external addresses
The PAT feature is also referred as “overload”,
which is a subset of NAT functionality
In a PAT implemented network, the address
translation device (router) assigns same IP address
to all the devices
The source port number enables you to differentiate
the connections in the network
Chapter 12 15
Port Address Translation
Two devices in the network having the same source port
number, the router changes the port number of one
device to make it unique
The total number of port numbers can theoretically be as
high as 65,536 per IP address
Chapter 12 16
Concept of PAT
Chapter 12 17
Summary - I
NAT operates at the Network layer (Layer 3) of the
OSI Reference Model because this is the layer at
which routers work
You can configure, verify and troubleshoot NAT and
PAT on an interface
To configure Static NAT, you can configure the
router for IP routing and IP addressing
Chapter 12 18
Summary - II
To verify NAT use the following commands:
show ip nat translations [verbose] -
Chapter 12 19
Summary - III
To clear NAT translation use the following commands:
clear ip nat translation - Clears all translation
entries
clear ip nat translation inside global-ip
Chapter 12 20
Summary - IV
To monitor PAT, you can use the show ip pat
command to display PAT statistics and the currently
active translated sessions
Chapter 12 21