From: ccie2be (ccie2be@nyc.rr.com)
Date: Wed Aug 11 2004 - 16:37:43 GMT-3
Yes, source ALWAYS refers to source address. However, what can be very
confusing is which source address -
the source address of packets the NATTING router sends or the source address
of packets sent from some other device and being received by this router.
In this case, since the command you're using is, "ip nat outside source
static <global-ip> <local-ip>", the source in this command refers to the
source address of the packets being received which have a source address of
172.16.0.2 and a destination address of 224.0.0.9.
While this problem took me some time to understand - it's not very
intuitive - here's why it works.
After NAT is correctly configured on rtr X, an entry will exist in the NAT
translation table. This entry translate the SOURCE address, 172.16.0.2,
from packets received from the other rip router to 224.0.0.9.
But, so what, you wonder as I did?
Packets sent from the other router are still sent to 224.0.0.9 and processed
by rip as they should be. So, in reality, this natting doesn't effectively
do a thing with packets arriving at the natting router.
Now, keep in mind, however, a NAT translation still exists in the
translation table. The effect of this is that when the natting router sends
rip packets with a destination address of 224.0.0.9, the NAT process sees
the entry in the translation table and realizes that it must translate the
destination address to 172.16.0.2 which, of course, is the source address of
the packets coming from other rip router.
After I finally understood how this very contrieved problem was solved by
this very convoluted configuration, I wondered why such a convoluted
solution was needed to solve this problem.
My conclusion is that no command exists which would allow the destination
address to be translated directly. For example, there's no command, "ip nat
outside destination static <global-ip> <local-ip>".
So, instead of directly translating the destination address of packets the
NATTING router is sending, what's being done is the source address of
packets being received are translated. This doesn't have any real effect on
the received packets but what it accomplishes is it creates a translation
table entry which is then used by the packets being sent out.
HTH, Tim
----- Original Message -----
From: <gladston@br.ibm.com>
To: <ccielab@groupstudy.com>
Sent: Wednesday, August 11, 2004 2:48 PM
Subject: Re: RE: NAT Outside
> Thanks Brian,
>
> =======================
> quoted
>
> The logic of the command is:
> ip nat outside source static <global-ip> <local-ip>
>
> In this case the original destination IP address of 224.0.0.9 (local-ip)
> is NAT'ed to 172.16.0.2 (global-ip).
>
> =======================
>
> Is there a logical reading for the keyword "source" in this example?
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:41 GMT-3