From: Church, Chuck (cchurch@wamnetgov.com)
Date: Sun Nov 23 2003 - 19:53:13 GMT-3
Normal uni-directional NAT will hide an address (change the source and/or destination addresses) in one direction only. Bi-directional will change it in both directions. Picture a network like below:
Host A-----Router----Host B
with Host A on the 'nat inside' interface, and B on the 'nat outside' interface.
If Host A has a configured inside static nat, it can be reached from host B via an address held by the router. These packets reaching A will have host B's real source address. A will respond to B's real address.
But if you wanted bi-directional nat, you'd configure a static or pool for the outside also, so that when B sends to A, B's source address is changed at the router, so that both the source and the destination address change for any given packet. A sees B as a fictitious address held by the router, and B sees A as the same.
Bi-directional NAT is most useful for connecting 2 networks where the address spaces have some duplication. HTH.
Chuck Church
CCIE #8776, MCNE, MCSE
Wam!Net Government Services
13665 Dulles Technology Dr. Ste 250
Herndon, VA 20171
Office: 703-480-2569
Cell: 703-819-3495
cchurch@wamnetgov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=index&search=cchurch%40wamnetgov.com
> -----Original Message-----
> From: Ken.Farrington@barclayscapital.com
> [mailto:Ken.Farrington@barclayscapital.com]
> Sent: Sunday, November 23, 2003 5:05 PM
> To: ziltener@netcloud.ch; ccielab@groupstudy.com
> Subject: RE: example of bi-directional NAT
>
>
> umm, i dont understand the bi-directional part? NAT is bi-di so am a
> little confused as to the question my friend ?
>
> ?
>
> -----Original Message-----
> From: Oliver Ziltener [mailto:ziltener@netcloud.ch]
> Sent: 23 November 2003 17:57
> To: ccielab@groupstudy.com
> Subject: example of bi-directional NAT
>
>
> Hello
> can someone give me an example of bi-directional NAT on IOS routers?
>
>
> thanks
> Oliver
>
> ______________________________________________________________
> _________
> Please help support GroupStudy by purchasing your study
> materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> --------------------------------------------------------------
> ----------
> For more information about Barclays Capital, please
> visit our web site at http://www.barcap.com.
>
>
> Internet communications are not secure and therefore the Barclays
> Group does not accept legal responsibility for the contents of this
> message. Although the Barclays Group operates anti-virus programmes,
> it does not accept responsibility for any damage whatsoever that is
> caused by viruses being passed. Any views or opinions presented are
> solely those of the author and do not necessarily represent
> those of the
> Barclays Group. Replies to this email may be monitored by
> the Barclays
> Group for operational or business reasons.
>
> --------------------------------------------------------------
> ----------
>
> ______________________________________________________________
> _________
> Please help support GroupStudy by purchasing your study
> materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Dec 12 2003 - 12:29:16 GMT-3