RE: nat extendable

From: Victor Cappuccio (cvictor@protokolgroup.com)
Date: Sat Aug 12 2006 - 06:00:09 ART


We say at my place that when the river is getting noisy, it is because it is
full of rocks.

The NAT router has the job of interfacing the inside network to the outside
network (the Internet). But say, for example, you are multi-homed: that
means you peer with 2 different ISPs, and they give you 2 different address
ranges (Inside Global (IG), meaning reachable by everyone in the Internet
but "leased" by us to represent internal devices to the world), and you
need to map a server with 2 different public IP addresses (for whatever
reason, redundancy, etc.). If you try to map 2 IP addresses with 1 IP address,
you will get a pretty IOS message saying something like "% 192.168.0.6 already
mapped (192.168.0.6 -> 200.88.43.6)". If you need to map 1 address to many
addresses, you need to use the extendable keyword in the nat function.

I've learned with this list that showing the configuration is like showing
the money ;)

R3 peers with R2 se0/0, ISP1 assigns us the address range 200.88.43.0/24
(IG)

R3 peers with R4 se0/1, ISP2 gives us the address range 200.44.32.0/24 (IG)

On R3's eth0 sits a Web Server with IP address 192.168.0.6.

ip nat outside on S0/0 & S0/1 and ip nat inside on E0 at R3

! Configuration for Mapping of Inside Local to Many Inside Global!!
ip nat inside source static 192.168.0.6 200.88.43.6 extendable
ip nat inside source static 192.168.0.6 200.44.32.6 extendable

Now, try to ping from R2 to that Web Server

R2#ping 200.88.43.6 !! To the Web Server

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.88.43.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
R2#show ip route | in O ! Advertisement of the IG addresses

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       o - ODR, P - periodic downloaded static route
O 200.88.43.0/24 [110/11] via 32.32.32.3, 00:14:48, Serial0/0

The Debug at R3

NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5771]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5772]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5772]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5773]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5773]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5774]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5774]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5775]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5775]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5776]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5776]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5777]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5777]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5778]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5778]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5779]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5779]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5780]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5780]

Also works for R4

R4#ping 200.44.32.6 !! 2 the WebServer
                                                                       
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.44.32.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/60/60 ms

R4#show ip route eigrp !! IG At R3

D 200.44.32.0/24 [90/2297856] via 34.34.34.3, 00:29:04, Serial0/0

Thanks & Sorry for the bad English
Victor.-

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On behalf of
cheechew
Sent: Saturday, August 12, 2006 02:49 a.m.
To: ccielab@groupstudy.com
Subject: nat extendable

Could someone help me to understand what is the function of the extendable
keyword in NAT?

I have searched through the Cisco configuration guide, but unfortunately it
gives very little explanation on it.
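
Added example, not part of either message above: a Python audit of the static NAT lines from the reply. It lists inside hosts published under more than one inside global address, flags one-to-many entries that lack `extendable`, and checks outbound `debug ip nat` lines against the static table. The function names, the finding labels, the no-`extendable` variant and the 192.168.0.9 debug line are constructed for illustration.

```python
import re
from collections import defaultdict

# Plain address-to-address static entries only (assumption: no port forms).
STATIC_RE = re.compile(
    r"^ip nat inside source static (\S+) (\S+)( extendable)?\s*$", re.M)
# Outbound `debug ip nat` line: s=<inside local>-><inside global>, d=<dest>
DEBUG_RE = re.compile(r"^NAT\*?: s=([\d.]+)->([\d.]+), d=([\d.]+)", re.M)

CONFIG = """\
ip nat inside source static 192.168.0.6 200.88.43.6 extendable
ip nat inside source static 192.168.0.6 200.44.32.6 extendable
"""                                   # the two lines from the post
BAD_CONFIG = CONFIG.replace(" extendable", "")   # constructed variant
DEBUG = """\
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5771]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5772]
NAT: s=192.168.0.9->200.88.43.9, d=32.32.32.2 [1]
"""                                   # last line is constructed

def parse_static(config):
    """Return {inside_local: [(inside_global, has_extendable), ...]}."""
    table = defaultdict(list)
    for local, glob, ext in STATIC_RE.findall(config):
        table[local].append((glob, bool(ext)))
    return dict(table)

def audit(config):
    """Report one-to-many hosts and entries lacking `extendable`."""
    findings = []
    for local, entries in parse_static(config).items():
        if len(entries) < 2:
            continue
        missing = [g for g, ext in entries if not ext]
        if missing:  # per the post, IOS refuses with "% ... already mapped"
            findings.append(("missing-extendable", local, missing))
        findings.append(("multi-exposure", local, [g for g, _ in entries]))
    return findings

def unexpected_translations(debug_text, config):
    """Outbound translations that no static entry accounts for."""
    allowed = {(l, g) for l, es in parse_static(config).items() for g, _ in es}
    seen = {(l, g) for l, g, _ in DEBUG_RE.findall(debug_text)}
    return sorted(seen - allowed)

if __name__ == "__main__":
    print(audit(CONFIG), audit(BAD_CONFIG))
    print(unexpected_translations(DEBUG, CONFIG))
```
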


