Professional Documents
Culture Documents
Overview
Private addressing
12 bits in common
10101100 . 00010000 . 00000000 . 00000000 172.16.0.0
10101100 . 00011111 . 11111111 . 11111111 172.16.255.255
------------------------------------------------------------10101100 . 00010000 . 00000000 . 00000000 172.16.0.0/12
3
Introducing
NAT and PAT
NAT Example
NAT Example
1
DA
DA
SA
128.23.2.2
10.0.0.3
....
Data
128.23.2.2
SA
179.9.8.80
....
IP Header
2
The translation from Private source IP address to
Public source IP address.
Data
IP Header
NAT Example
1
NAT Example
4
DA
DA
SA
10.0.0.3
128.23.2.2
IP Header
....
Data
179.9.8.80
SA
128.23.2.2
....
Data
IP Header
NAT Example
PAT Example
NAT/PAT table
maintains translation
of:
DA, SA, SP
DA
128.23.2.2
1
DA
128.23.2.2
SA
10.0.0.3
IP Header
SA
10.0.0.2
IP Header
DP
80
SP
1331
DA
Data
TCP/UDP
Header
DP
80
1555
TCP/UDP
Header
128.23.2.2 179.9.8.80
SP
DA
Data
SA
IP Header
SA
128.23.2.2 179.9.8.80
IP Header
DP
80
SP
3333
Data
TCP/UDP
Header
DP
80
SP
2222
Data
TCP/UDP
Header
11
PAT Example
SA
128.23.2.2
IP Header
4
DA
SA
10.0.0.2
128.23.2.2
IP Header
DP
1331
SP
80
DA
Data
TCP/UDP
Header
DP
1555
80
TCP/UDP
Header
179.9.8.80 128.23.2.2
SP
DA
Data
SA
179.9.8.80
IP Header
SA
128.23.2.2
IP Header
DP
3333
SP
80
Data
TCP/UDP
Header
DP
2222
SP
80
Data
TCP/UDP
Header
12
SA
10.0.0.3
IP Header
DA
128.23.2.2
DP
SA
80
IP Header
1331
DA
Data
TCP/UDP
Header
DP
10.0.0.2
SP
80
1555
128.23.2.2 179.9.8.80
SP
DA
Data
SA
IP Header
SA
128.23.2.2 179.9.8.80
TCP/UDP
Header
IP Header
DP
80
SP
3333
Data
TCP/UDP
Header
DP
80
SP
2222
Data
TCP/UDP
Header
As long as the inside global port numbers are unique for each inside
local host, NAT overload will work. For example, if the host at 10.1.1.5
and 10.1.1.6 both use TCP port 1234, the NAT router can create the
extended table entries mapping 10.1.1.5:1234 to 171.70.2.2:1234 and
10.1.1.6:1234 to 171.70.2.2:1235. In fact, NAT implementations
do not necessarily try to preserve the original port number.
14
15
Translate to these
outside addresses
Start
here
Source IP address
must match here
16
This is a different
example, using the IP
address of the outside
interface instead
specifying an IP
address
18
19
Verifying NAT/PAT
20
Troubleshooting NAT/PAT
21
22
DHCP
Introducing DHCP
24
Clients may also renew leases and keep the same IP address.
DHCP provides the mechanism for a client to gather other IP configuration
parameters, such as WINS and domain name.
25
26
DHCP Operation
27
Configuring DHCP
Configuring DHCP
Configuring DHCP
DHCP options
30
31
DHCP Relay
DHCP clients use IP broadcasts to find the DHCP server on the segment.
What happens when the server and the client are not on the same segment and
are separated by a router?
32
33
34
Broadcast
Unicast
Broadcast
Unicast
Directed Broadcast
Notice that the RTA interface e3, which connects to the server farm, is not
configured with helper addresses.
However, the output shows that for this interface, directed broadcast
forwarding is disabled.
This means that the router will not convert the logical broadcast 172.24.1.255
into a physical broadcast with a Layer 2 address of FF-FF-FF-FF-FF-FF.
To allow all the nodes in the server farm to receive the broadcasts at Layer 2,
e3 will need to be configured to forward directed broadcasts with the following
command:
RTA(config)#interface e3
RTA(config-if)#ip directed-broadcast
37
L3 Broadcast
L2 Broadcast
38