Generally, NAT is configured on the border router, i.e., the router that has one interface in the local (inside) network and one interface in the global (outside) network. When a packet travels outside the local (inside) network, NAT converts its local (private) IP address to a global (public) IP address. When a packet enters the local network, the global (public) IP address is converted back to a local (private) IP address. In short, NAT translates the Private IP addresses used inside an Enterprise network into Public IP addresses.
Here are the 4 main terms related to NAT:
- Inside Local: It is a region inside the Enterprise’s network where the hosts have Private IP addresses.
- Inside Global: It is also a region inside the Enterprise network, but Public IP addresses are used in this region (this region is usually connected to the outside network or Internet).
- Outside Local: It is a region that is generally part of the Enterprise network but located in the public Internet (or outside the Enterprise network). The hosts in the Outside Local region have private IP addresses.
- Outside Global: It is a part of the Enterprise network in the public Internet where Public IP addresses are used.
| Range of Private IP addresses | Class of IP addresses | No. of Networks |
|---|---|---|
| 10.0.0.0 to 10.255.255.255 | A | 1 |
| 172.16.0.0 to 172.31.255.255 | B | 16 |
| 192.168.0.0 to 192.168.255.255 | C | 256 |
These Private IP addresses cannot be advertised on the Internet using any routing protocol.
Dynamic NAT:
In Dynamic NAT, IP addresses are dynamically mapped to each other on a one-to-one basis, as needed. It establishes a mapping between an Inside Local IP address and an address taken from a pool of Global IP addresses. This type of translation is very useful when there are multiple users in a private network that access the Internet. A Dynamic NAT translation stays in the translation table while traffic is flowing from the Local IP address to the Global IP address, or until the timeout (24 hours by default) has expired.
Configuration:
Step 1: Configure the interface in the Inside Global as
ip nat outside
Step 2: Configure the interface in the Inside Local as
ip nat inside
Step 3: Create a pool of Global IP addresses:
Router(config)#ip nat pool <pool-name> <starting-IP> <ending-IP> prefix-length <prefix-length>
Step 4: Create an access list to permit a certain network of IP addresses:
Router(config)#access-list <acl-number> permit <source-ip-network> <wildcard-mask>
Step 5: Lastly, enable Dynamic NAT by using the command:
Router(config)#ip nat inside source list <acl-number> pool <pool-name>
R1(config)#int f0/0
R1(config-if)#ip nat outside
R1(config-if)#exit
R1(config)#int f1/0
R1(config-if)#ip nat inside
R1(config-if)#exit
R1(config)#ip nat pool pool1 20.1.1.5 20.1.1.20 netmask 255.255.255.0
R1(config)#access-list 1 permit 192.168.1.0 0.0.0.255
R1(config)#ip nat inside source list 1 pool pool1
Now, to verify the NAT translations (to show the translations done by NAT):
R1#show ip nat translations
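The behaviour this configuration produces, as an added Python model (not router code and not part of the original article): each permitted inside host takes one address from the pool, so the 16-address pool1 stops translating new hosts once 16 mappings exist, until an entry times out. The class and method names are hypothetical, and treating the 24-hour timeout as an idle timer is an assumption of the model.

```python
import ipaddress

DEFAULT_TIMEOUT = 24 * 3600  # seconds; the 24-hour default stated above


class DynamicNat:
    """Hypothetical model of one-to-one dynamic NAT (no port overloading)."""

    def __init__(self, acl_net, acl_wildcard, pool_start, pool_end,
                 timeout=DEFAULT_TIMEOUT):
        self.acl_net = int(ipaddress.IPv4Address(acl_net))
        # Wildcard bits set to 1 are "don't care" bits in the ACL match.
        self.care = ~int(ipaddress.IPv4Address(acl_wildcard)) & 0xFFFFFFFF
        first = int(ipaddress.IPv4Address(pool_start))
        last = int(ipaddress.IPv4Address(pool_end))
        self.free = [ipaddress.IPv4Address(a) for a in range(first, last + 1)]
        self.timeout = timeout  # assumption: modelled as an idle timer
        self.table = {}  # inside local -> (inside global, last-used time)

    def permitted(self, src):
        addr = int(ipaddress.IPv4Address(src))
        return (addr & self.care) == (self.acl_net & self.care)

    def expire(self, now):
        """Return mappings that have been idle for `timeout` to the pool."""
        for local, (glob, last_used) in list(self.table.items()):
            if now - last_used >= self.timeout:
                del self.table[local]
                self.free.append(glob)

    def translate(self, src, now):
        """Return the inside global address for src, or None if untranslated."""
        self.expire(now)
        if not self.permitted(src):
            return None                      # source not matched by the ACL
        if src in self.table:
            glob = self.table[src][0]        # reuse the existing mapping
        elif self.free:
            glob = self.free.pop(0)          # allocate the next free pool address
        else:
            return None                      # pool exhausted: no address left
        self.table[src] = (glob, now)        # refresh the idle timer
        return str(glob)


# Values from the R1 example above: access-list 1 and pool1.
nat = DynamicNat("192.168.1.0", "0.0.0.255", "20.1.1.5", "20.1.1.20")
```

When sizing a pool, compare the number of hosts the access list permits (254 usable addresses in 192.168.1.0/24) with the pool size (16 here); the translation table shown by the verification command is where exhaustion becomes visible.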
Last Updated: 28 Oct, 2022