Chapter 7 Network Address Translation Flashcards
What does NAT stand for?
Network Address Translation
What are public and private addresses?
Private IP Addresses
RFC 1918 Address
Routable inside the Enterprise
Not routable in Public Internet
Class A: 10.0.0.0 – 10.255.255.255
Class B: 172.16.0.0 – 172.31.255.255
Class C: 192.168.0.0 – 192.168.255.255
Public IP Addresses
Routable outside the Enterprise
(if Enterprise owns IP Address Space)
Routable inside the Enterprise
What are some NAT address definitions for inside, outside, local and global?
Inside: Region Inside the Enterprise (i.e. inside my control)
Local: IP Addresses Inside the network
Outside: Region Outside the Enterprise (i.e. outside my control)
Global: IP Addresses Outside the network
Is it true that the outside local and outside global addresses can be the same? If so, why?
Outside Local = Outside Global because the Enterprise is the reference. If the Enterprise user doesn’t know the Outside Local Address, then the user observes it as equal to the Outside Global.
What is Port PAT and how does it work?
PAT allows a single public IP address to be used by many hosts on the private network
PAT tries to preserve the original source port number.
- If that port number is already in use, PAT will assign the first available port number for the appropriate port group
- When there are no more port numbers available, PAT moves to the next public IP address in the pool if there is one.
When sending a ping over PAT, other fields in the ping message are used as substitutes for the port numbers.
What is the difference between Static and Dynamic NAT?
Static NAT:
- Assigns one public IP address to one private IP address
- Commonly used for servers that need to be accessed by external devices
Dynamic NAT:
- Assigns a public IP address from a pool of addresses
- NAT translation remains in NAT table based on configured timer duration
- The number of internal devices that can transmit outside the company is limited to the number of public IP addresses in the pool.
What are the advantages of NAT?
Every company can use the private IP addresses
Adds services like server load balancing
Do not have to re-address the network if a new ISP or public IP address is assigned
Provides limited network security by hiding private IP addresses
What are the disadvantages of NAT?
Performance is degraded - The NAT-enabled border device must track and process each session destined for an external network.
End-to-end IP traceability is lost.
Tunneling becomes more complicated – requires NAT Traversal
Initiating TCP connections can be disrupted.
How to configure a Static NAT
ip nat inside source static local-ip global-ip
How to configure Dynamic NAT
ip nat pool
access-list 100 permit source [source-wildcard]
ip nat inside source list 100 pool
int g0/0
ip nat
What is Port forwarding and what does it do?
Port forwarding allows an external device to reach a device located on an internal (private) network on a specific port number.
- Required for some peer-to-peer file-sharing programs and operations such as web serving and outgoing FTP
- Solves the problem of NAT only allowing translations for traffic destined for external networks at the request of internal devices.