From: Chuck Larrieu (chuck@xxxxxxxxxxxxx)
Date: Thu Jan 11 2001 - 16:17:36 GMT-3
Forgive me this question, but WHY?
The point of secondary addressing is to expand the number of addresses
available on the same physical wire.
NAT, on the other hand, is done generally the edge of your network - between
inside and outside domains, for any number of reasons.
If you have two subnets, A, and B, and both are on the same physical segment
using secondary addressing, why do you need to NAT between them?
Chuck
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Dan
Skiptunas
Sent: Thursday, January 11, 2001 10:32 AM
To: ccielab@groupstudy.com
Subject: NAT with secondary address
Hello,
I am trying to find out if you can do NAT on the same interface as =
your secondary addresses... both the inside and outside interface the =
same . see config
Thank You,
Dan Skiptunas
Network Engineer
Jannon Solutions
=20
r5#sho run
Building configuration...
=20
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r5
!
enable password cisco
!
username r3 password 0 cisco
ip subnet-zero
no ip domain-lookup
isdn switch-type basic-ni
!
!
!
interface Ethernet0
ip address 1.1.1.1 255.255.255.0 secondary
ip address 170.100.42.241 255.255.255.240
no ip directed-broadcast
ip nat outside
!
interface Serial0
no ip address
no ip directed-broadcast
encapsulation frame-relay
no ip mroute-cache
frame-relay lmi-type ansi
!
interface Serial0.1 multipoint
ip address 170.100.100.1 255.255.255.0
no ip directed-broadcast
ip ospf network point-to-multipoint
ip ospf interface-retry 0
frame-relay map ip 170.100.100.3 203 broadcast
frame-relay map ip 170.100.100.5 202 broadcast
!
interface Serial0.2 point-to-point
ip address 170.100.101.1 255.255.255.0
no ip directed-broadcast
frame-relay interface-dlci 204
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
interface BRI0
ip address 170.100.10.1 255.255.255.240
no ip directed-broadcast
encapsulation ppp
ip ospf interface-retry 0
dialer idle-timeout 300
dialer map ip 170.100.10.2 name r3 broadcast 0835866101
dialer map ip 170.100.10.2 name r3 broadcast 0835866301
dialer load-threshold 1 either
dialer-group 1
isdn switch-type basic-ni
isdn spid1 0835866201 8358662
isdn spid2 0835866401 8358664
ppp authentication chap
ppp multilink
!
router ospf 50
summary-address 1.1.1.0 255.255.255.0 not-advertise
redistribute rip metric 100 metric-type 1 subnets
network 170.100.10.0 0.0.0.255 area 0
network 170.100.100.0 0.0.0.255 area 0
default-information originate metric 100 metric-type 1
!
router rip
version 2
network 170.100.0.0
no auto-summary
!
router igrp 1
redistribute ospf 50 metric 1500 2000 255 1 1500
network 170.100.0.0
!
ip nat pool pool 170.100.42.242 170.100.42.254 netmask 255.255.255.240
ip nat inside source list 11 pool pool overload
ip classless
!
access-list 1 deny 170.100.101.0
access-list 1 permit any
access-list 11 permit 1.1.1.0 0.0.0.254
dialer-list 1 protocol ip permit
!
!
line con 0
transport input none
line aux 0
line vty 0 4
password cisco
login
!
end
=20
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:27 GMT-3