From: Mathew Fernando (mathewfer@gmail.com)
Date: Thu Sep 07 2006 - 01:12:28 ART
Hi Kal,
I am sending the below that I captured in this mailing list few weeks ago.
The below was a good description that was done by one active member in this GS.
All the credit goes to that person.
Pls do a search in this GS site to find more emails exchanges on this.
**************
The NAT router has the job of interfacing the inside network to the outside
network (the Internet), but Say for example, You are Multi-Homed, that
means, you peer with 2 different ISP, and they give you 2 different address
range (Inside Global (IG) - Meaning Reachable by everyone in the Internet
but is "leased" by us to represent internal devices to the world-), and you
need to map a Server with 2 different Public IP Addresses (for ever reason,
redundancy, etc). If you try to map 2 IP Addresses with 1 IP Address you
will get a pretty IOS Message saying something like "% 192.168.0.6 already
mapped (192.168.0.6 -> 200.88.43.6)" if you need to map 1 Address to many
addresses, you need to use the extendable keyword in the nat function.
I've learned with this list that showing the configuration is like showing
the money ;)
R3 peers with R2 se0/0, ISP1 assigns us the address range 200.88.43.0/24
(IG)
R3 peers with R4 se0/1, ISP2 give us the address range 200.44.32.0/24 (IG)
In R3 eth0 is sitting a Web Server with ip add 192.168.0.6.
ip nat outside for s0/0 & S0/1 and ip nat inside in E0 at R3
! Configuration for Mapping of Inside Local to Many Inside Global!!
ip nat inside source static 192.168.0.6 200.88.43.6 extendable
ip nat inside source static 192.168.0.6 200.44.32.6 extendable
Now, Try to ping from R2 to that WServer
R2#ping 200.88.43.6 !! Al Servidor Web
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.88.43.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
R2#show ip route | in O ! Anuncio de las Direcciones IG
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
o - ODR, P - periodic downloaded static route
O 200.88.43.0/24 [110/11] via 32.32.32.3, 00:14:48, Serial0/0
The Debug at R3
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5771]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5772]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5772]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5773]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5773]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5774]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5774]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5775]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5775]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5776]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5776]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5777]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5777]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5778]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5778]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5779]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5779]
NAT*: s=32.32.32.2, d=200.88.43.6->192.168.0.6 [5780]
NAT: s=192.168.0.6->200.88.43.6, d=32.32.32.2 [5780]
Also works for R4
R4#ping 200.44.32.6 !! 2 the WebServer
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.44.32.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/60/60 ms
R4#show ip route eigrp !! IG At R3
D 200.44.32.0/24 [90/2297856] via 34.34.34.3, 00:29:04, Serial0/0
On 9/7/06, Kal Han <calikali2006@gmail.com> wrote:
> Hi
> Can some one let me know where exactly these keywords can be used with nat.
> nat... extendable, no-alias and redundancy.
>
> I tried to look at cisco documentation. But its very unclear.
>
> *extendable*
>
> (Optional) Extends the translation.
>
> *no-alias*
>
> (Optional) Prohibits an alias from being created for the global address.
> *redundancy *group-name
> (Optional) Establishes NAT redundancy.
>
>
> They just wrote the same thing in the description.
> Thanks
> Kal
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
-- ThanksMathew
This archive was generated by hypermail 2.1.4 : Sun Oct 01 2006 - 16:55:40 ART