Re: NAT Configuration

From: Héctor Fernández (gnakh@telefonica.net)
Date: Tue Aug 23 2005 - 12:15:51 GMT-3

• Next message: Swaroop Potdar: "Rate Limit & CEF"
• Previous message: Arun Arumuganainar: "Re: OSPF Virtual-Link & GRE"
• Maybe in reply to: Morakinyo Salami: "NAT Configuration"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

If it's an static translation, both directions are translated... it roughly
like if you had an "ip nat inside source" for inside-to-outside traffic and
a "ip nat outside destination" for the returning traffic.
If the translation (NAT o PAT) is dynamic and it has not been established
yet , if the translation was inside->outside, and the packet hits the inside
global IP or port, the routers should drop the packet, afaik.
Go to www.cisco.com and look for "nat order of operation". It may clarify
how routers deal with NAT.

You'll never see the inside local since router will translate any packet
going to or coming from the IP inside local address (as long as it crosses
the nat process) . For the outside world, the inside local address does not
exist.

Best regards

Hictor

----- Original Message -----
From: "Morakinyo Salami" <msa@emperion.net>
To: <ccielab@groupstudy.com>
Sent: Tuesday, August 23, 2005 1:54 PM
Subject: NAT Configuration

> Hi All,
>
> I have NAT configured on my edge internet router. The NAT translation
> has the internal IP Address translated to a different IP that is not
> configured on the Router. The inside IP belongs to a web server. The NAT
> is working fine because the users are browsing okay. What is however
> perplexing and that I need to understand is that when I do a trace route
> to the Internal IP of the Web server, it stops at the Inside global IP
> address. Also note that the ISP is routing traffic for both the inside
> local IP and the inside global. I would expect that a trace route from
> the internet should take me to the inside local address as the traffic
> is coming in from the outside and should not get translated. Thoughts on
> this will be highly appreciated. Thanks.
>
>
>
> Regards,
>
> Morakinyo.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Swaroop Potdar: "Rate Limit & CEF"
• Previous message: Arun Arumuganainar: "Re: OSPF Virtual-Link & GRE"
• Maybe in reply to: Morakinyo Salami: "NAT Configuration"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:19 GMT-3