NAT (Network Address Translation) is the process of converting the IP address in the IP address data packet header to another IP address. In practical applications, Nat is mainly used to enable private networks to access public networks. By using a small number of public IP addresses to represent a large number of private IP addresses, this will help reduce the depletion of available IP address space.
There are three Nat Methods: static Nat, dynamic Nat, and Nat overload (PAT ). (PAT: multiplexing port address translation ).
1. Static NAT: The intranet IP address corresponds to the Internet IP address one by one, and only one Intranet IP address is allowed to access the Internet.
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/41/33/wKioL1PRtPHxFi3NAADCSEgHCGc168.jpg "Title =" qq20140725092655.png "alt =" wkiol1prtphxfi3naadcseghcgc168.jpg "/>
Static NAT configuration command:
Configure the command on the vro as follows:
Ip nat inside source static 192.168.10.2 209.105.200.154
Intranet address Internet address
Ip nat inside
Ip nat outside
In this way, the Intranet 192.168.10.2 corresponds to the Internet 209.105.200.154, and only 192.168.10.2 can access the Internet.
2. Dynamic NAT: maps an intranet address segment to an Internet address pool address. When the IP addresses in the Internet address pool are mapped, the Intranet cannot access the network.
For example:
Inside: 192.168.0.1-10 10
Outside: 200.200.200.1-5 5
When the Intranet IP address accesses the Internet at the same time,
After the five IP addresses on the Internet are mapped,
Other IP addresses in the Intranet cannot access the Internet,
You must wait until the first five mappings are released before accessing
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/41/34/wKiom1PRtVnxDbIyAAEO612pYvQ063.jpg "Title =" qq20140725092655.png "alt =" wkiom1prtvnxdbiyaaeo612pyvq063.jpg "/>
The configuration command is as follows:
Ip nat pool NAT-POOL1 209.165.200.226 209.165.200.240 netmask too large
Internet address pool
Access-List 1 permit 192.168.0.0 0.255.255
Ip nat inside source list 1 pool nat_pool1
Ip nat inside
Ip nat outside
3. Nat overload (PAT): When the Intranet sends traffic to the Internet, port address translation is used, which is also the most common method.
Example: 192.168.10.2: 20--200.200.200.2: 20
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/41/34/wKiom1PRtiOxusmlAAFKWOJ7puM343.jpg "Title =" qq20140725092655.png "alt =" wkiom1prtioxusmlaafkwoj7pum343.jpg "/>
The configuration command is as follows:
Access-List 1 permit 192.168.0.0 0.255.255
Ip nat inside source list 1 interface serial 0/0/0 overload
External Interface
Ip nat inside
Ip nat outside
Other commands for Nat are as follows:
View the command:
Show ip nat translation *
Show ip nat statistics
Clear NAT:
Clear ip nat translation...
Port ing:
Ip nat inside source static TCP 192.168.1.4 20 200.200.200.200 20
Intranet address Internet address
This article from the "small strong" blog, please be sure to keep this source http://zouqq.blog.51cto.com/8314092/1529964