Section 7. Enabling Internet Connectivity

Question 1

Q1-What is Dynamic Host Configuration Protocol (DHCP)?

Answer 1

DHCP is a protocol that is based on a client-server model that dynamically allocates the assignment of IP addresses.

The DHCP server is a device that is configured to allocate IP addresses and network configuration.

A DHCP client is a host that requests IP address, subnet mask, default gateway, and other information from a server.

Question 2

Q2-What are the three mechanisms that DHCP uses for IP address allocation?

Answer 2

The three mechanisms that Dynamic Host Configuration Protocol (DHCP) uses for IP address allocation are as follows:

Automatic allocation: Assigns a permanent IP address to a client

Dynamic allocation: Assigns an IP address to a client for a set period of time, for example, 7 days

Manual allocation: Assigns a specific IP address to a client as defined by the administrator using the client’s MAC address

Question 3

Q3-When connecting a router to the Internet, what are the two options for configuring a public IP address from the ISP?

Answer 3

The two options are statically or dynamically using DHCP.

Configuring an IP address statically is done by manually configuring the router interface connecting to the ISP with the public IP address provided to you by the ISP.

Dynamic configuration is done by configuring the router interface connecting to the ISP to be a DHCP client.

Question 4

Q4-How do you configure your Cisco router with a statically assigned IP address?

Answer 4

To configure a Cisco router with a statically assigned address, from global configuration, you would use the ip address ip-address subnetmask interface command.

For example, to configure Gigabit Ethernet interface 0/0 with an IP address of 192.168.0.1/24, you would issue the following commands:
Router(config)# interface g0/0
Router(config-if)# ip address 192.168.0.1 255.255.255.0
Router(config-if)# no shutdown

Question 5

Q5-How would you configure Gigabit Ethernet interface 0/0 on your Cisco router to be a DHCP client?

Answer 5

The ip address dhcp interface command configures an interface to be a DHCP client. To configure Gigabit Ethernet interface 0/0 as a DHCP client, the following commands would be issued on the router:
Router(config)# interface g0/0
Router(config-if)# ip address dhcp
Router(config-if)# no shutdown

Question 6

Q6-What are private IP addresses?

Answer 6

Private IP addresses are defined in RFC 1918 and define blocks of IP addresses that can be used for private use within an organization. These IP addresses are not routable on the Internet, and any organization using private IP addresses that wants to connect to the Internet must use NAT for IP address translation.

Question 7

Q7-What are the three private IP address ranges?

Answer 7

The three private address ranges are as follows:

Class A: 10.0.0.0 to 10.255.255.255

Class B: 172.16.0.0 to 172.31.255.255

Class C: 192.168.0.0 to 192.168.255.255

Question 8

Q8-What is Network Address Translation (NAT)?

Answer 8

NAT is a mechanism where private, nonroutable IP addresses are translated to public routable IP addresses and vice versa.

Question 9

Q9-What are three benefits of NAT?

Answer 9

Three benefits of NAT are as follows:

Eliminates readdressing overhead of hosts that require external access

Conserves IP addresses through application port-level multiplexing

Hides the internal network, providing a small level of network security

Question 10

Q10-What are five drawbacks to using NAT?

Answer 10

Five drawbacks to using NAT are

Some applications depend on end-to-end functionality without modified packets.

End-to-end IP traceability is lost.

Complicates tunneling protocols like IPsec.

Some services that require the initiation of TCP connections from the outside or stateless protocols might be disrupted.

Increases switching delay.

Question 11

Q11-Define the following Cisco NAT terminology:

Inside local address

Inside global address

Outside local address

Outside global address

Answer 11

These terms are defined as follows:

Inside local address: The IP address assigned to a host on the inside, private network. This is usually a private (RFC 1918) IP address.

Inside global address: A registered, Internet-routable IP address that represents one or more inside local IP addresses to the outside world.

Outside local address: The IP address of an outside host as it appears to the inside, private network.

Outside global address: The IP address assigned to a host on the outside network by the host’s owner. This is usually a routable IP address.

Question 12

Q12-What is static NAT?

Answer 12

Static NAT provides a one-to-one mapping, translating one private IP address to one public IP address.

Question 13

Q13-What is dynamic NAT?

Answer 13

Dynamic NAT provides a many-to-many mapping, translating private IP addresses to public IP addresses from a group of public IP addresses.

Question 14

Q14-What is overload NAT?

Answer 14

Overload NAT is another term for Port Address Translation (PAT). It has a many-to-one or many-to-many mapping using different port numbers to add uniqueness.

Other types of NAT are static NAT and dynamic NAT. Static NAT provides a one-to-one translation and is useful if an inside host needs to be accessed from the outside. Dynamic NAT maps a group of private IP addresses to a routable IP address from a pool of routable IP addresses dynamically.

Question 15

Q15-How many internal hosts can be translated to one routable IP address through PAT?

Answer 15

Theoretically, 65,536 internal hosts can be translated by PAT using one routable IP address.

Question 16

Q16-As a network administrator, you have a router with its G0 interface connected to the Internet and G1 connected to your internal network. Configure internal host 192.168.10.5/24 to be statically translated to the external IP address 216.1.1.3/24.

Answer 16

To configure static NAT, you need to define that address to translate and then configure NAT on the appropriate interfaces. The following example creates the static mapping and defines interface G0 as connecting to the outside network and interface G1 as connecting to the inside network:
RouterB(config)# ip nat inside source static 192.168.10.5 216.1.1.3
RouterB(config)# int g0
RouterB(config-if)# ip nat outside
RouterB(config-if)# int g1
RouterB(config-if)# ip nat inside

Question 17

Q17-How do you configure PAT or overload NAT?

Answer 17

To configure PAT, you need to define an access list that permits the internal hosts to be translated. You then use the ip nat inside source list access-list-number interface interface-type overload global command followed by specifying the inside and outside interfaces. The following example enables PAT for internal host 192.168.10.0/24 using the external IP address on interface g0/1 and interface g0/0 as the inside interface:
RouterB(config)# access-list 20 permit 192.168.10.0 0.0.0.255
RouterB(config)# interface g0/0
RouterB(config-if)# ip nat inside
RouterB(config-if)# interface g0/1
RouterB(config-if)# ip nat outside
RouterB(config)# ip nat inside source list 20 interface g0 overload

Question 18

Q18-How do you view the active NAT translations in the NAT table?

Answer 18

To view the active NAT mappings in the NAT table, use the show ip nat translation command, as follows:
RouterB# show ip nat translation
Pro Inside global Inside local Outside local Outside global
— 216.1.1.1 192.168.10.5 — —
— 216.1.1.2 192.168.10.16 — —

Question 19

Q19-What Cisco command clears all the NAT mappings in the NAT table?

Answer 19

The clear ip nat translation * command clears all the NAT translations in the NAT table. This command is useful for troubleshooting NAT.

The NAT table is stored in memory and is cleared when the router is rebooted.

Question 20

Q20-When troubleshooting NAT, what Cisco IOS command displays every packet that is translated by the router?

Answer 20

To troubleshoot NAT and view every packet that is translated by the router, use the debug ip nat command.

Question 21

Q21-What does the show ip nat statistics command display?

Answer 21

The show ip nat statistics command displays information about the total number of active translations, NAT configuration parameters, the number of addresses in the pool, and the number that have been allocated.