RE: NAT questions
From: Scott Morris (swm@emanon.com)
Date: Wed Aug 13 2003 - 14:20:37 GMT-3
Correct, you can have the nat for multiple local ports to one global
address OR from multiple global ports to a single local address.
Kinda fun that way!
Scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
emad
Sent: Wednesday, August 13, 2003 12:56 PM
To: 'Barney Gaumer'; wing_lam@jossynergy.com
Cc: ccielab@groupstudy.com
Subject: RE: NAT questions
Hi Folks,
Wing , I think extendable keyword is initiated mainly for having
different traffic or protocols on the same IP as follows: If we have a
machine having the IP 1.1.1.1 but have web server running on port 80 and
telnet daemon(exp.) on port 23 , in this case we can use extendable
keyword to match all these different ports reflecting different IPs but
on the same IP or same machine , but it is useless to assign different
inside global addresses to the same inside local IP without any
difference between them >...
Cheers
Emad
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Barney Gaumer
Sent: Wednesday, August 13, 2003 7:45 PM
To: wing_lam@jossynergy.com
Cc: ccielab@groupstudy.com
Subject: Re: NAT questions
BBD, it depends on the traffic flow.
Translation occurs before the forwarding decision is
made. There are possibilities for problems based on
who initiates to this type of NAT.
For example, if someone initiates to 3.3.3.3 then the
specific match is for the NAT rule �ip nat inside
source static 1.1.1.1 3.3.3.3 ex� But at any point
during a conversation, if 1.1.1.1 must initiate then
�ip nat inside source static 1.1.1.1 2.2.2.2 ex�
would be matched because it would be the first match.
This would cause the conversation to break down.
You may want to use �ip nat inside source list� so
that you can make the match criteria more specific and
avoid potential problems.
Cheers,
Barney
--- wing_lam@jossynergy.com wrote:
> Hi all,
>
> R5(config)#ip nat inside source static 1.1.1.1
> 3.3.3.3 ex
> R5(config)#ip nat inside source static 1.1.1.1
> 2.2.2.2 ex
> R5(config)#^Z
> R5#sh ip nat tr
> Pro Inside global Inside local Outside
> local Outside global
> --- 2.2.2.2 1.1.1.1 ---
> ---
> --- 3.3.3.3 1.1.1.1 ---
> ---
>
> Which inside global will 1.1.1.1 use? round robin or
> always 2.2.2.2?
>
> Thx,
> BBD (Big Black Dog)
>
>
>
>
>
>
>
> MADMAN
>
>
> <dave@interprise. To:
> emad <emad@zakq8.com>
>
> com> cc:
> ccielab@groupstudy.com
>
> Sent by:
> Subject: Re: NAT questions
>
> nobody@groupstudy
>
>
> .com
>
>
>
>
>
>
>
>
> 08/13/2003 11:26
>
>
> PM
>
>
> Please respond to
>
>
> MADMAN
>
>
>
>
>
>
>
>
>
>
>
>
> emad wrote:
> > Folks,
> > When I shall use the keyword "extendable" in the
> NAT command like this:
> >
> > ip nat inside source static tcp 10.1.1.8 80
> 197.7.9.5 80 extendable
> >
> > Regards
>
> When you have multiple static translations with
> the same local
> address you must use the extendable keyeword or IOS
> will reject the
> ambiguous command.
>
> Dave
>
> --
> David Madland
> CCIE# 2016
> Sr. Network Engineer
> Qwest Communications
> 612-664-3367
>
> "Government can do something for the people only in proportion as it
> can do something to the people." -- Thomas Jefferson
>
>
>
This archive was generated by hypermail 2.1.4
: Tue Sep 02 2003 - 18:53:58 GMT-3