
6.3.d Implement and troubleshoot IPv4 network address translation

6.3.d [i] Static NAT, dynamic NAT, policy-based NAT, PAT

You can implement address translation as dynamic NAT, Port Address Translation (PAT), static NAT, static PAT, or as a mix of these types. You can also configure rules to bypass NAT, for example, if you enable NAT control but do not want to perform NAT (e.g. for IPsec VPN IP subnets). The following translation types are available:

● Dynamic NAT—Dynamic NAT translates a group of real addresses to a pool of mapped addresses that are routable on the destination network.

● PAT—PAT translates multiple real addresses to a single mapped IP address.

● Static NAT—Static NAT creates a fixed translation of real addresses to mapped addresses. With dynamic NAT and PAT, each host uses a different address or port for each subsequent translation.

● Static PAT—Static PAT is the same as static NAT, except that it enables you to specify the protocol and port for the real and mapped addresses.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5988-6001). Kindle Edition.

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/15-mt/nat-15-mt-book/iadnat-addr-consv.html

 

6.3.d Implement and troubleshoot IPv4 network address translation

6.3.d [ii] NAT ALG

Network Address Translation (NAT) performs translation service on any TCP/UDP traffic that does not carry source and/or destination IP addresses in the application data stream. These protocols include HTTP, TFTP, telnet, Network Time Protocol (NTP), Network File System (NFS), remote login (rlogin), remote shell (rsh) protocol, and remote copy (rcp). Specific protocols that do embed IP address information within the payload require support of an application level gateway (ALG).
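
The payload-embedded address problem described above, as an added example that is not from the book or the Cisco documentation: a toy PAT device translates a constructed FTP `PORT` command with and without ALG behaviour. FTP is used here as an illustration of a protocol that carries an address in its payload (the page does not name it), and the `Packet`, `Pat` and `embedded_ip` names and all addresses are assumptions made for the example.

```python
import re
from dataclasses import dataclass

@dataclass
class Packet:
    src_ip: str
    src_port: int
    payload: bytes

# FTP active-mode command: four address octets, then port as high,low bytes.
PORT_RE = re.compile(rb"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\r\n$")

class Pat:
    """Toy PAT device: real (ip, port) pairs share one mapped address."""
    def __init__(self, mapped_ip, first_port=1024):
        self.mapped_ip, self.next_port, self.table = mapped_ip, first_port, {}

    def _map(self, ip, port):
        key = (ip, port)
        if key not in self.table:
            self.table[key] = self.next_port
            self.next_port += 1
        return self.table[key]

    def translate(self, pkt, alg=False):
        """Rewrite the header; with alg=True also rewrite the embedded address.
        Returns (translated packet, change in payload length)."""
        out = Packet(self.mapped_ip, self._map(pkt.src_ip, pkt.src_port), pkt.payload)
        m = PORT_RE.match(pkt.payload) if alg else None
        if m:
            n = [int(g) for g in m.groups()]
            real_ip = ".".join(str(o) for o in n[:4])
            data_port = self._map(real_ip, n[4] * 256 + n[5])  # pre-create data mapping
            fields = self.mapped_ip.split(".") + [str(data_port >> 8), str(data_port & 0xFF)]
            out.payload = b"PORT " + ",".join(fields).encode() + b"\r\n"
        return out, len(out.payload) - len(pkt.payload)

def embedded_ip(payload):
    """Address the application itself advertises inside the payload."""
    m = PORT_RE.match(payload)
    return ".".join(g.decode() for g in m.groups()[:4]) if m else None

if __name__ == "__main__":
    # Constructed sample: RFC 1918 inside host, RFC 5737 mapped address.
    ctrl = Packet("10.1.1.10", 40000, b"PORT 10,1,1,10,19,137\r\n")
    for alg in (False, True):
        out, delta = Pat("203.0.113.5").translate(ctrl, alg=alg)
        print(alg, out.src_ip, out.src_port, embedded_ip(out.payload), delta)
```

The non-zero length change in the ALG case is why a real ALG also has to adjust TCP sequence and acknowledgement numbers and recompute checksums. An ALG can only do this when the payload is readable, so an encrypted control channel leaves the embedded address untranslated.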

NAT with an ALG will translate packets from applications that do not use H.323, as long as the applications use port 1720.

http://www.cisco.com/en/US/technologies/tk648/tk361/tk438/technologies_white_paper09186a00801af2b9.html

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/15-0s/iadnat-applvlgw.html
Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 6004-6011). Kindle Edition.