MODULE 6: NAT for IPv4
6.2 Types of NAT
6.2.1 Static NAT
Associates a private IP address with a specific public IP address.
No change: The public address assigned to a given private address always remains the same.
Common use: Servers with constant internet access.
6.2.2 Dynamic NAT
Translates multiple private IP addresses into one or more public IP addresses.
Public address pool: Dynamically assigned public addresses.
Flexible: Public IP addresses change based on availability.
6.2.3 Port Address Translation (PAT)
One public IP, multiple devices: Differentiated by ports.
Unique ports: Each internal connection has a different port on the public IP.
Common use: Connect multiple devices to the Internet using a single public IP.
6.2.4 Next Available Port
Dynamic Port Assignment: NAT selects the next available port for the connection.
Traffic Control: Optimizes port usage in PAT.
Transparent: Requires no user intervention.
6.2.5 Comparison of NAT and PAT
NAT: Private-to-public IP address translation (1:1 or 1:N).
PAT: Type of NAT that uses ports to connect multiple devices to a single public IP address (one public IP address, many internal devices).
6.2.6 Packets without a Layer 4 segment
Non-Layer 4 packets: Packets that do not contain data at the transport layer (TCP/UDP).
Example: ARP, ICMP.
NAT impact: They cannot be translated by NAT because they do not contain ports.
6.1 NAT Features
6.1.1 Private IPv4 Address Space
Private addresses: Do not route on the Internet.
Range:
Class A: 10.0.0.0 - 10.255.255.255
Class B: 172.16.0.0 - 172.31.255.255
Class C: 192.168.0.0 - 192.168.255.255
6.1.2 What is NAT?
NAT: Translation of private IP addresses into public ones.
Purpose: Allow Internet access and save IPv4 addresses.
6.1.3 How NAT Works
Private to public IP translation when leaving the network.
Translation table: Associates private and public IPs.
NAT types:
Static: 1 private IP <-> 1 public IP.
Dynamic: Multiple private IPs to one available public IP.
PAT: Multiple private IPs share one public IP (differentiated by ports).
6.1.4 NAT Terminology
Public IP: Visible on the Internet.
Private IP: Used within local networks.
NAT Table: Record of IP and port translations.
PAT (Port Address Translation): Translation using ports.
Incoming Connection: Internet requests to the internal network.
6.5 Dynamic NAT
Dynamic NAT allows multiple devices on a private network to share a pool of public IP addresses for internet access. Unlike static NAT, these assignments are temporary and managed automatically.
How does it work?
An internal device (for example, 192.168.10.10) sends traffic to the Internet.
The router assigns an available public address (for example, 209.165.200.226) and stores it in a NAT table.
When a response arrives, the router translates the public address back to the private address and forwards the packet to the correct device.
Basic configuration:
Define a set of public addresses: ip nat pool NAT-POOL1 209.165.200.226 209.165.200.240 netmask 255.255.255.224.
Identify the traffic to be translated with an ACL: access-list 1 permit 192.168.0.0 0.0.255.255.
Associate the ACL with the address pool: ip nat inside source list 1 pool NAT-POOL1.
Configure the interfaces as "inside" and "outside."
6.6 PAT
Port Address Translation (PAT), also known as NAT overload, allows multiple devices on a private network to share one or more public IP addresses to access the internet. It does this by assigning unique ports to each connection, which differentiates each device's traffic.
PAT Configuration
Using a single public IP address:
Command: ip nat inside source list <ACL> interface <external interface> overload.
Example:
ip nat inside source list 1 interface Serial0/1/1 overload
access-list 1 permit 192.168.0.0 0.0.255.255
interface Serial0/1/0
ip nat inside
interface Serial0/1/1
ip nat outside
Using a public IP address pool:
Command: ip nat inside source list <ACL> pool <pool-name> overload.
Example:
ip nat pool NAT-POOL2 209.165.200.226 209.165.200.240 netmask 255.255.255.224
access-list 1 permit 192.168.0.0 0.0.255.255
ip nat inside source list 1 pool NAT-POOL2 overload
How PAT works
Inside-out:
An internal device (for example, 192.168.10.10) sends traffic to the Internet.
The router assigns a public IP address and a unique port (for example, 209.165.200.225:1444).
It stores this information in the NAT table.
Outside-in:
An external server responds to the internal device using the public IP address and assigned port.
The router consults the NAT table, translates the address and port, and forwards the packet to the correct device.
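The inside-out and outside-in steps above, together with the next-available-port rule from 6.2.4, as a small added example (not part of the original notes or of any router's code). It assumes a single port range starting at 1024 and keys entries only on protocol and port; the class and function names are hypothetical.

```python
# Added example: a simplified PAT (NAT overload) table.
# Inside addresses and the public IP are the sample values used in these notes.
PUBLIC_IP = "209.165.200.225"

class PatTable:
    def __init__(self, public_ip, first_port=1024, last_port=65535):
        self.public_ip = public_ip
        self.first_port, self.last_port = first_port, last_port
        self.out = {}   # (proto, inside_ip, inside_port) -> public_port
        self.back = {}  # (proto, public_port) -> (inside_ip, inside_port)

    def _allocate(self, proto, wanted):
        # Keep the original source port when it is free on the public IP,
        # otherwise take the next available port in the range (assumption:
        # one range, searched from first_port upward).
        if (proto, wanted) not in self.back:
            return wanted
        for port in range(self.first_port, self.last_port + 1):
            if (proto, port) not in self.back:
                return port
        raise RuntimeError("port pool exhausted")

    def outbound(self, proto, src_ip, src_port):
        # Inside-out: create the entry on first use, reuse it afterwards.
        key = (proto, src_ip, src_port)
        if key not in self.out:
            port = self._allocate(proto, src_port)
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return self.public_ip, self.out[key]

    def inbound(self, proto, dst_port):
        # Outside-in: look the public port up in the table.
        # None means no entry exists, so the packet is not forwarded.
        return self.back.get((proto, dst_port))

def demo():
    pat = PatTable(PUBLIC_IP)
    a = pat.outbound("tcp", "192.168.10.10", 1444)  # port 1444 is free: kept
    b = pat.outbound("tcp", "192.168.10.11", 1444)  # collision: next available
    reply = pat.inbound("tcp", b[1])                # maps back to 192.168.10.11
    unsolicited = pat.inbound("tcp", 4000)          # no entry: dropped
    return a, b, reply, unsolicited

if __name__ == "__main__":
    print(demo())
```

The last lookup shows why a host behind PAT is not reachable from outside until it has opened a connection itself, in contrast to a static NAT mapping, which is always present in the table.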
6.7 NAT64
1. Need for NAT in IPv6
- IPv6 was designed to avoid the need for NAT.
- However, NAT64 is used for interoperability between IPv4 and IPv6 networks.
2. Unique Local Addresses (ULA)
- These are similar to private addresses in IPv4.
- They are not intended to expand address space or provide security.
3. How NAT64 Works
- It allows communication between IPv4-only and IPv6-only networks.
- It is not used to translate private IPv6 addresses to global IPv6 addresses.
4. IPv4 to IPv6 Transition Methods
- Dual-stack: Devices that run IPv4 and IPv6 simultaneously.
- Tunneling: Encapsulates IPv6 packets in IPv4 packets to traverse IPv4 networks.
- Translation (NAT64): Converts IPv6 packets to IPv4 packets and vice versa.
5. Temporary Use of NAT64
- NAT64 is not a permanent solution.
- It is considered a transition tool until networks are fully IPv6-enabled.
- It replaces the older NAT-PT, which was deprecated.
6.4 Static NAT
Concept: Static NAT is a one-to-one mapping between an internal and an external address, allowing external devices to initiate connections to internal devices using a fixed public address.
Configuration:
Step 1: Create a mapping between the internal local address and the internal global address.
- Example: 192.168.10.254 → 209.165.201.5
Step 2: Configure interfaces as internal or external.
- Internal: R2 Serial 0/1/0
- External: R2 Serial 0/1/1
Usage and Analysis: It is used when external clients need to access internal servers, keeping the translation always active in the NAT table.
Verification:
- show ip nat translations → Displays active NAT translations.
- show ip nat statistics → Shows translation count, used addresses, and configuration details.
- clear ip nat statistics → Clears previous statistics before testing.