[NAT and static translation, dynamic translation and PAT]
Network Address Tranlation, network address conversion
function: internal network IP to public network IP
Advantages: save common IP, handle address overlap, security, flexibility
Disadvantages: large delay, complex configuration and maintenance, does not support certain applications (static NAT mapping can be avoided )
——Static NAT configuration——
1. Static address is translated to legal external address
Router(config)# ip nat inside source static local-ip global-ip [ extendable ]
2. NAT enabled on port
Router(config-if)# ip nat { inside(entry) | outside(exit) }
3. Configure the default route
Router(config)# ip route 0.0.0.0 0.0.0.0 f0/0 (jump exit)
——NAT port mapping——
Router(config)# ip nat inside source static tcp local-ip 80 global-ip 80
maps the 80 port of the intranet 192.168.1.1 to the 80 port of 61.159.62.133
Router(config)# ip nat inside source static tcp 192.168.1.1 80 61.159.62.133 80
——Dynamic NAT configuration——
1. Define the address list to be translated
Router(config)# access-list 1 permit 192.168.1.0 255.255.255.0
2. Define the address pool after dynamic translation
(range 61.159.62.131~61.159.62.134 )
Router(config)# ip nat pool test0 61.159.62.131 61.159.62.134 netmask 255.255.255.248
3. Convert list 1 to test0
Router(config)# ip nat inside source list 1 pool test0
4. Enable NAT on internal and external ports
Router(config-if)# ip nat outside
Router(config-if)# ip nat inside
5. Configure the default route
Router(config)# ip route 0.0.0.0 0.0.0.0 f0/0 (jump exit)
——PAT configuration——
Port Address Translation, port multiplexing (port address translation), by changing the source IP and source port of outgoing packets, and performing port translation, all hosts in the internal network can share a public IP to access the external network , save IP.
1. Define the internal access list
Router(config)# access-list 1 permit 192.168.1.0 0.0.0.255
2. Define the legal IP address pool
to use the external interface address, no longer define the IP address pool
3. Set up multiplexing dynamic IP address translation
Router (config)# ip nat inside source list 1 int f0/1(external interface) overload(all external networks)
4. Enable NAT on internal and external ports
Router(config-if)# ip nat outside
Router(config-if)# ip nat inside
5. Configure the default route
Router(config)# ip route 0.0.0.0 0.0.0.0 f0/0 (jump exit)
View NAT translation entry
Router# show ip nat translations [ verbose (detailed entry) ]
Clear the NAT translation entry, Static NAT entries are not removed
Router # clear ip nat translations *
trace NAT
Router # debug ip nat