It is still difficult for general users to configure NAT on a Cisco router effectively. I have therefore studied Cisco router NAT configuration in depth and share what I learned here; I hope it will be useful to you.
I. NAT introduction:
NAT (Network Address Translation) first appeared in Cisco IOS 11.2 and is defined in RFC 1631 and RFC 3022. Its main role is to alleviate the shortage of IPv4 address space, but it also brings some problems. For example, the header of every packet that arrives at the router must be translated, which increases latency; DNS zone transfers, BOOTP/DHCP, and other protocols cannot cross the NAT router; and because the source IP address is changed, the ability to trace IP traffic is lost, so responsibility becomes unclear. However, the advantages outweigh the disadvantages, or you would not be learning it! The latest CCNA 640-802 Learning Guide still devotes a chapter to NAT, which shows its importance.
II. Cisco router NAT configuration terminology: the terms are difficult to understand, so they are summarized here as clearly as possible:
Internal local address (inside local address): the address of a host inside the LAN, usually an address in the RFC 1918 address space. It is called a private address.
Internal global address (inside global address): the address that the inside local address is translated to by the NAT router, usually a routable public IP address.
External global address (outside global address): the address of the target host that communicates with the internal host, usually a routable public IP address.
External local address (outside local address): the address that the target host's routable public address is translated to, usually an address in the RFC 1918 address space.
III. Cisco router NAT configuration details:
1. Static NAT: a one-to-one mapping between a private IP address and a public IP address. Generally, you only need to configure it for intranet servers that provide services to the Internet. After the interface addresses are configured as above, configure routes on R1 and R2. (Do not add route entries for 192.168.0.0, because private networks cannot appear in the public network routing table; otherwise they would not be called private addresses.)
After this configuration, R1 can ping PC3, but PC1 can only ping as far as S0/0 on R1 and no further. Because there is no route table entry for the 192.168.0.0 network, the traffic is discarded! Next, configure static NAT on R1 to enable PC1 to communicate with PC3.
2. Dynamic NAT: PC1 can now communicate with PC3, but PC2 cannot, because R1 does not provide address translation for PC2. Of course, we could also configure a static translation for PC2 on R1, just as for PC1, but with 100 machines the workload would be too heavy. Next we continue the NAT configuration on R1:
! Define standard access control list 10; only the addresses it permits are translated.
Router(config)# access-list 10 permit 192.168.0.0 0.0.0.255
! Define an address pool named out.
Router(config)# ip nat pool out 202.106.0.4 202.106.0.24 netmask 255.255.255.0
! Associate the addresses matched by the access control list with the address pool,
! so that the first 21 internal hosts can obtain an Internet address.
Router(config)# ip nat inside source list 10 pool out
Now PC2 can communicate with PC3. This is dynamic NAT, which does not save IP addresses: 100 hosts require 100 public IP addresses, so it is not commonly used.
3. PAT (Port Address Translation): one or more public IP addresses are used to provide translation for many private addresses, which saves a lot of IP addresses. This method is the most commonly used in real network environments.
! Adding "overload" to the dynamic NAT command is all that is needed to let the 21 public addresses above be reused.
Router(config)# ip nat inside source list 10 pool out overload
! No address pool is set on R1 when there is only one public address; instead, the address of the S0/0 interface is overloaded.
Router(config)# ip nat inside source list 10 interface serial 0 overload
Note: a NAT translation entry occupies 160 bytes of memory, so the number of NAT translations is limited by the memory of the router.
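The dynamic NAT and PAT behaviour described in sections 2 and 3, modelled as an added Python example (not from the original article and not Cisco code): it applies the article's access-list 10 and pool out, shows the pool running out at the 22nd host without overload, and maps a translated address back to the inside host. The names NatTable and run_hosts and the starting port 1024 are assumptions, and the model ignores entry timeouts and always overloads the first pool address.

```python
import ipaddress

ACL_NET, ACL_WILDCARD = "192.168.0.0", "0.0.0.255"  # access-list 10 from the article
ENTRY_BYTES = 160                                    # per-entry memory figure from the article

def ip_int(addr):
    return int(ipaddress.IPv4Address(addr))

def acl_permits(src):
    """Standard ACL match: bits set in the wildcard mask are ignored."""
    care = ~ip_int(ACL_WILDCARD) & 0xFFFFFFFF
    return (ip_int(src) & care) == (ip_int(ACL_NET) & care)

class NatTable:  # hypothetical model, not an IOS data structure
    def __init__(self, pool_start, pool_end, overload=False):
        self.pool = [str(ipaddress.IPv4Address(i))
                     for i in range(ip_int(pool_start), ip_int(pool_end) + 1)]
        self.overload = overload
        self.entries = {}      # inside local key -> (inside global ip, port or None)
        self.next_port = 1024  # assumed starting port for PAT allocations

    def translate(self, src_ip, src_port):
        """Return (inside global ip, port), or None if the packet is not translated."""
        if not acl_permits(src_ip):
            return None                               # not permitted by access-list 10
        key = (src_ip, src_port) if self.overload else src_ip
        if key not in self.entries:
            if self.overload:                         # PAT: one address, unique port per flow
                self.entries[key] = (self.pool[0], self.next_port)
                self.next_port += 1
            elif len(self.entries) < len(self.pool):  # dynamic NAT: one address per host
                self.entries[key] = (self.pool[len(self.entries)], None)
            else:
                return None                           # pool exhausted
        gip, gport = self.entries[key]
        return (gip, gport if self.overload else src_port)

    def inside_local_for(self, global_ip, global_port):
        """Reverse lookup: the inside host behind a translated address seen outside."""
        for key, (gip, gport) in self.entries.items():
            if gip == global_ip and (not self.overload or gport == global_port):
                return key[0] if self.overload else key
        return None

    def memory_bytes(self):
        return len(self.entries) * ENTRY_BYTES

def run_hosts(table, count, port=40000):
    """Constructed sample traffic: hosts 192.168.0.1..count each open one flow."""
    return [table.translate(f"192.168.0.{i}", port) for i in range(1, count + 1)]
```

The reverse lookup only works while the translation entry exists, so attributing traffic after the fact requires logging translations as they are created.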