Chapter 27 - Network Address Translation Flashcards
Which of the following summarized subnets represent routes that could have been created for CIDR’s goal to reduce the size of Internet routing tables?
a. 10.0.0.0 255.255.255.0
b. 10.1.0.0 255.255.0.0
c. 200.1.1.0 255.255.255.0
d. 200.1.0.0 255.255.0.0
D.
CIDR’s original intent was to allow the summarization of multiple Class A, B, and C networks to reduce the size of Internet routing tables. Of the answers, only 200.1.0.0 255.255.0.0 summarizes multiple networks.
Which of the following are not private addresses according to RFC 1918?
(Choose two answers.)
a. 172.31.1.1
b. 172.33.1.1
c. 10.255.1.1
d. 10.1.255.1
e. 191.168.1.1
B and E.
RFC 1918 identifies private network numbers. It includes Class A network 10.0.0.0, Class B networks 172.16.0.0 through 172.31.0.0, and Class C networks 192.168.0.0 through 192.168.255.0.
With static NAT, performing translation for inside addresses only, what causes NAT table entries to be created?
a. The first packet from the inside network to the outside network
b. The first packet from the outside network to the inside network
c. Configuration using the ip nat inside source command
d. Configuration using the ip nat outside source command
C.
With static NAT, the entries are statically configured. Because the question mentions translation for inside addresses, the inside keyword is needed in the command.
With dynamic NAT, performing translation for inside addresses only, what causes NAT table entries to be created?
a. The first packet from the inside network to the outside network
b. The first packet from the outside network to the inside network
c. Configuration using the ip nat inside source command
d. Configuration using the ip nat outside source command
A.
With dynamic NAT, the entries are created as a result of the first packet flow from the inside network.
NAT has been configured to translate source addresses of packets for the inside part of the network, but only for some hosts as identified by an access control list. Which of the following commands indirectly identifies the hosts?
a. ip nat inside source list 1 pool barney
b. ip nat pool barney 200.1.1.1 200.1.1.254 netmask 255.255.255.0
c. ip nat inside
d. ip nat inside 200.1.1.1 200.1.1.2
A.
The list 1 parameter references an IP ACL, which matches packets, identifying the inside local addresses.
Examine the following configuration commands:
interface Ethernet0/0
ip address 10.1.1.1 255.255.255.0
ip nat inside
interface Serial0/0
ip address 200.1.1.249 255.255.255.252
ip nat inside source list 1 interface Serial0/0
access-list 1 permit 10.1.1.0 0.0.0.255
If the configuration is intended to enable source NAT overload, which of the following commands could be useful to complete the configuration?
(Choose two answers.)
a. The ip nat outside command
b. The ip nat pat command
c. The overload keyword
d. The ip nat pool command
A and C.
The configuration is missing the overload keyword in the ip nat inside source command and in the ip nat outside interface subcommand on the serial interface.
Examine the following show command output on a router configured for dynamic NAT:
-- Inside Source
access-list 1 pool fred refcount 2288
pool fred: netmask 255.255.255.240
start 200.1.1.1 end 200.1.1.7
type generic, total addresses 7, allocated 7 (100%), misses 965
Users are complaining about not being able to reach the Internet. Which of the following is the most likely cause?
a. The problem is not related to NAT, based on the information in the command output.
b. The NAT pool does not have enough entries to satisfy all requests.
c. Standard ACL 1 cannot be used; an extended ACL must be used.
d. The command output does not supply enough information to identify the problem.
B.
The last line mentions that the pool has seven addresses, with all seven allocated, with the misses counter close to 1000—meaning that close to 1000 new flows were rejected because of insufficient space in the NAT pool.
