1. NAT description the NAT Function is to connect the network with a private address to the INTERNET of the public network. When the internal network with a private address sends data through the NAT router, the private address is converted to a valid registered IP address to communicate with other hosts on the INTERNET. The NAT router is placed on the boundary of the Intranet and INTERNET and
1. NAT description the NAT Function is to connect the network with a private address to the INTERNET of the public network. When the internal network with a private address sends data through the NAT router, the private address is converted to a valid registered IP address to communicate with other hosts on the INTERNET. The NAT router is placed on the boundary of the Intranet and INTERNET and
1. NAT Introduction
The NAT Function is to connect a network with a private IP address to the INTERNET of a public network. When an internal network with a private IP address sends data through a NAT router, the private address is converted to a valid registered IP address to communicate with other hosts on the INTERNET. The NAT router is placed on the border between the Intranet and the INTERNET and the source address of the packet is converted to a valid IP address before the packet is sent to the external network. When multiple internal hosts share a valid IP address, address translation changes the source port of the outgoing data packet through port multiplexing and completes port ing.
Ii. NAT Work Process
Assume that when a company applies for a ddnleased line, the valid address provided by China Telecom is 61.138.0.93/30, 61.128.0.94/30, the internal network address of the company is 192.168.0.0/24, and the local port address of the router is 192.168.0.254/24, wan port address 61.138.0.93/30,
When 192.168.0.1/24 sends a request to the server 202.98.0.66 on the INTERNET, the corresponding operation procedure is as follows:
(1) The user of the internal host 192.168.0.1/24 sends a connection request to the host 202.98.0.66 on the INTERNET;
(2) When the VBR receives the first packet from the internal host, it checks its NAT ing table. If no ing is established for the IP address, the vro decides to perform address translation for the IP address, the router maps the internal IP address 192.168.0.1 to the valid IP address 61.138.0.93, and attaches port information to differentiate the ing with other internal hosts.
(3) the virtual border router uses a valid IP address 61.138.0.93 and a port number to replace the internal IP address 192.168.0.1 and the corresponding port number, and forwards the packet.
(4) The INTERNET server 202.98.0.66 receives the packet and responds to the internal host 192.168.0.1 with the packet address (61.138.0.93.
When the VBR receives a packet whose destination address is 61.138.0.93, the VBR uses this IP address and port number to find the corresponding internal address and port number from the NAT ing table, then, the destination address of the data packet is converted to the internal address 192.168.0.1, and the data packet is sent to the host. For each request router, the steps 2-5 are repeated.
Iii. vronat NAT FunctionsConfiguration
The preceding assumptions are described as follows:
ConfigurationNAT
(I) CISCO Router
Taking CISCO2501 as an example, the IOS version is required to be 11.2 or later.
Cisco2501 # conf t
Cisco2501 (config) # int e0
Cisco2501 (config-if) # ip address 192.168.0.254 255.255.255.0
Cisco2501 (config-if) # ip nat inside
(Specify the e0 port as the internal port connected to the Intranet)
Cisco2501 (config-if) # int s0
Cisco2501 (config-if) # encapsulation ppp
(The encapsulation method is PPP)
Cisco2501 (config-if) # ip address 61.138.0.93 255.255.255.252
Cisco2501 (config-if) # ip nat outside
(Specify s0 as the external port connected to the external network)
Cisco2501 (config-if) # exit
Cisco2501 (config) # bandwidth 128
(Specify the network bandwidth of 128 KB)
Cisco2501 (config) # ip route 0.0.0.0 0.0.0.0 Serial0
(Specify the default route)
Cisco2501 (config) # ip nat pool a 61.138.0.93 61.138.0.93 netmask 255.255.252
(Specify the internal valid address pool, starting address, and ending address as the valid IP address 61.138.0.93)
Cisco2501 (config) # access-list 1 permit 192.168.0.0 0.0.255
(Define a standard access-list rule to allow which internal addresses can be converted)
Cisco2501 (config) # ip nat inside source list 1 pool a overload
(Set up address conversion between internal addresses and valid IP addresses)
Cisco2501 (config) # end
Cisco2501 # wr
(Ii) 3COM Router
Taking 3COM OCBN8832 as an example, the software version must be later than 11.0.
Run the following command to register as root:
Configuration:
(1)
ConfigurationLAN port
[1] EnterpriseOS # setdefault! 1-ip netaddress = 192.168.0.254 255.255.255.0
[2] EnterpriseOS # setdefault !! -Path control = enable (activates the router LAN port PATH)
[3] EnterpriseOS # setdefault! 1-port control = enable (activate the local PORT of the router)
(2)
ConfigurationWan serial port
[4] EnterpriseOS # setdefault! 3-path linetype = leased (specify the communication line type used by this port)
[5] EnterpriseOS # setdefault! 4-port owner = ppp (indicates the user of the port)
[6] EnterpriseOS # setdefault! 4-ip netaddress = 61.138.0.93 255.255.255.252
[7] EnterpriseOS # setdefault! 4-nat addressmap 192.168.0.0/24 61.138.0.93 outbound
(Convert the IP address used by the host inside 192.168.0.0/24 to 61.138.0.93)
[8] EnterpriseOS # setdault! 4-nat control = enable (enable NAT service)
[9] EnterpriseOS # setdault! 3-path control = enable
[10] EnterpriseOS # setdault! 4-port control = enalbe
(3)
ConfigurationDefault route
[11] EnterpriseOS # setdault-ip control = router (activates the router routing function)
[12] EnterpriseOS # add-ip route 0.0.0.0 0.0.0.0! 4
