IP Services (NAT, NTP, FHRP)

Question 1

What is source NAT?

Answer 1

When the source address is translated to another address as part of the initial translation.

Question 2

What is Destination NAT?

Answer 2

When the destination address is translated to another address as part of the initial translation.

Question 3

What is Static NAT?

Answer 3

A hard coded translation of one address to another in the router

Question 4

What is Dynamic NAT?

Answer 4

When a range of addresses is translated on the fly by the router for a pre-defined pool of available translation addresses.

Question 5

What are the differences between inside local, inside global, outside local, and outside global addresses?

Answer 5

Inside local: The actual private IP address assigned to a device on the inside network(s).

Inside global: The public IP address that represents one or more inside local IP addresses to the outside.

Outside local: The IP address of an outside host as it appears to the inside network. The IP address does not have to be reachable by the outside but is considered private and must be reachable by the inside network.

Outside global: The public IP address assigned to a host on the outside network. This IP address must be reachable by the outside network.

Question 6

What is PAT?

Answer 6

Port Address Translation aka NAT overload. When many addresses are translated to a single address. This uses the private address and the port number to map to the global address with a port number in the translation table.

Question 7

When configuring a destination NAT (from the outside to the inside), what option might you need to add to ensure the router creates a 32 bit entry in the routing table?

Answer 7

add-route

example ip nat outside source tcp 199.10.10.1 80 10.1.1.10 6777 add-route

Question 8

Command to set an interface to be an inside or outside for NAT?

Answer 8

R1(config-if)# ip nat {inside | outside}

Question 9

Command to set a static NAT

Answer 9

R1(config)# ip nat {inside | outide} source static {source-address} {dest-address}

Question 10

Command to create a pool of NAT addresses

Answer 10

R1(config)# ip nat pool NAME {start-address} {end-address*} prefix-length 24

Question 11

Command to create an ACL to use for NAT

Answer 11

R1(config)# ip access-list standard {network-prefix} {wildcard-mask}

OR

R1(config)# ip access-list extended NAME
R1(config-ext-acl)# permit ip {network-prefix} {wildcard-mask} any

Question 12

Command to set a pooled NAT

Answer 12

R1(config)# ip nat {inside | outside} source list ACL_NAME pool POOL_NAME

Question 13

Command to set a dynamic PAT

Answer 13

R1(config)# ip nat inside source list ACL_NAME interface {outside-int} overload

OR

R1(config)# ip nat inside source list ACL_NAME pool POOL_NAME overload

Question 14

Command to set a static PAT

Answer 14

R1(config)# ip nat {inside | outside} source static tcp {address} {port} {address} {port}

Question 15

Command to display NAT translations

Answer 15

R1# show ip nat translations [brief]

Question 16

What port is used by NTP?

Answer 16

UDP 123

Question 17

What services on a Cisco router could be affected by NTP being inaccurate?

Answer 17

• Certificates
• Log Files
• VPN encryption keys
• Password expirations

Question 18

What purpose does Stratum serve in NTP?

Answer 18

It defines which NTP source should be most preferred when multiple sources exist. Lowest is best.

Question 19

In NTP, which “Stratum” is considered best?

Answer 19

Stratum 0

Question 20

What is the command to manually set the time on a router?

Answer 20

From privileged exec mode!

R1# clock set hh:mm:ss

Question 21

What is the command to set the time-zone on a router?

Answer 21

R1(config)# clock timezone NAME {offset}

example: R1(config)# clock timezone EASTERN -5

Question 22

What is the command to make a router the main NTP source?

Answer 22

R1(config)# ntp master {stratum-number}

Question 23

What is the command to set a NTP source for a router?

Answer 23

R1(config)# ntp server {ip-address}

NOTE: Multiple NTP servers can be set

Question 24

What is the command to set daylight savings time on a router?

Answer 24

R1(config)# clock summer-time NAME {many options [ ] [ ]}

Question 25

What are NTP peers?

Answer 25

When a couple of NTP devices point to each other for NTP redundancy to keep each other’s clocks in sync in the event that external NTP sources become unreachable.

Question 26

What is the command to set a NTP peer?

Answer 26

R1(config)# ntp peer {ip_address}

Question 27

What is PTP?

Answer 27

Precision Time Protocol (PTP) is defined in IEEE 1588 as Precision Clock Synchronization for Networked
Measurements and Control Systems, and was developed to synchronize the clocks in packet-based networks
that include distributed device clocks of varying precision and stability. PTP is designed specifically for
industrial, networked measurement and control systems, and is optimal for use in distributed systems because
it requires minimal bandwidth and little processing overhead.