PAT - Port Address
translation. We use PAT in that condition when we have few Public IP
& hundreds of inside local address need to translate. Pat use port
numbers in transport layer to identify hosts. can translate up to 65,000
hosts with one real IP.Sometimes we called this overload operation also.
In this example the internal network using 30.0.0.0 network.we will use one public ip 50.0.0.1.
Router(config)#hostname R0
R0(config)#enable secret open
R0(config)#int fa
R0(config)#int fastEthernet 0/1
R0(config-if)#ip add
R0(config-if)#ip address 30.0.0.1 255.0.0.0
R0(config-if)#no shut
R0(config)#enable secret open
R0(config)#int fa
R0(config)#int fastEthernet 0/1
R0(config-if)#ip add
R0(config-if)#ip address 30.0.0.1 255.0.0.0
R0(config-if)#no shut
R0(config-if)#exit
R0(config)#int serial 2/0
R0(config-if)#ip add
R0(config-if)#ip address 20.0.0.1 255.0.0.0
R0(config-if)#no shut
R0(config-if)#ip address 20.0.0.1 255.0.0.0
R0(config-if)#no shut
R0(config)#ip route 0.0.0.0 0.0.0.0 serial 2/0
R0(config)#access-list 1 permit 30.0.0.0 0.0.0.255
R0(config)#ip nat pool test 50.0.0.1 50.0.0.1 netmask 255.0.0.0
R0(config)#ip nat inside source list 1 pool test overload
R0(config)#ip nat pool test 50.0.0.1 50.0.0.1 netmask 255.0.0.0
R0(config)#ip nat inside source list 1 pool test overload
R0(config)#int fastEthernet 0/1
R0(config-if)#ip nat inside
R0(config-if)#exit
R0(config)#int serial 2/0
R0(config-if)#ip nat outside
R0(config-if)#exit
R0(config)#exit
R0(config-if)#ip nat inside
R0(config-if)#exit
R0(config)#int serial 2/0
R0(config-if)#ip nat outside
R0(config-if)#exit
R0(config)#exit
Now goto R1 Router
Router(config)#hostname R1
R1(config)#enable secret open
R1(config)#enable secret open
R1(config)#int fastEthernet 0/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shut
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#int serial 2/0
R1(config-if)#ip address 20.0.0.2 255.0.0.0
R1(config-if)#no shut
R1(config-if)#no shut
R1(config)#ip route 0.0.0.0 0.0.0.0 serial 2/0
Now ping from all host PC to server(10.0.0.2) and goto R0 Router and apply below command.We can see port numbers with below report.
R0#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 50.0.0.1:1024 30.0.0.2:1 10.0.0.2:1 10.0.0.2:1024
icmp 50.0.0.1:1025 30.0.0.2:2 10.0.0.2:2 10.0.0.2:1025
icmp 50.0.0.1:1026 30.0.0.2:3 10.0.0.2:3 10.0.0.2:1026
icmp 50.0.0.1:1027 30.0.0.2:4 10.0.0.2:4 10.0.0.2:1027
icmp 50.0.0.1:1 30.0.0.3:1 10.0.0.2:1 10.0.0.2:1
icmp 50.0.0.1:2 30.0.0.3:2 10.0.0.2:2 10.0.0.2:2
icmp 50.0.0.1:3 30.0.0.3:3 10.0.0.2:3 10.0.0.2:3
icmp 50.0.0.1:4 30.0.0.3:4 10.0.0.2:4 10.0.0.2:4
Pro Inside global Inside local Outside local Outside global
icmp 50.0.0.1:1024 30.0.0.2:1 10.0.0.2:1 10.0.0.2:1024
icmp 50.0.0.1:1025 30.0.0.2:2 10.0.0.2:2 10.0.0.2:1025
icmp 50.0.0.1:1026 30.0.0.2:3 10.0.0.2:3 10.0.0.2:1026
icmp 50.0.0.1:1027 30.0.0.2:4 10.0.0.2:4 10.0.0.2:1027
icmp 50.0.0.1:1 30.0.0.3:1 10.0.0.2:1 10.0.0.2:1
icmp 50.0.0.1:2 30.0.0.3:2 10.0.0.2:2 10.0.0.2:2
icmp 50.0.0.1:3 30.0.0.3:3 10.0.0.2:3 10.0.0.2:3
icmp 50.0.0.1:4 30.0.0.3:4 10.0.0.2:4 10.0.0.2:4
——————– Thanks Everyone
0 comments:
Post a Comment