From: alexandros.sichlimiris@bt.com
Date: Wed Sep 12 2007 - 11:11:34 ART
From the cisco web site
http://www.ciscotaccc.com/kaidara-advisor/iprout/showcase?case=K75019454
And in case you need customer access:
"To redirect web traffic to a different port, issue the ip nat inside
source {static {tcp local-ip local-port global-ip global-port }
[extendable] command or the ip nat outside source {static tcp global-ip
global-port local-ip local-port} [extendable] command in global
configuration mode, depending on whether a web server is available on
the inside or outside network. This command *creates a permanent
extended translation entry in the NAT table, which includes the protocol
and port information.*"
Further down that page there is an example:
ip nat inside source static tcp 192.168.1.1 8080 192.168.1.1 80
extendable
!--- The above line configures a static NAT mapping for the web server
192.168.1.1, which is available on the inside network.
This command translates the TCP source port number 8080 to 80 for all
traffic going from the inside to the outside network. In turn, this
configuration translates the destination port number from TCP 80 to 8080
for traffic going from the outside to the inside network.
Thanks,
Alex Sichlimiris
IP Network Engineer
The contents of this e-mail and any attachments contain information that
may be confidential. Unless you are the named addressee (or authorized
to receive for the named addressee) you may not read, copy, distribute,
disclose or otherwise use this information for any purpose. If you have
received this transmission in error, please notify the sender
immediately by reply e-mail and then delete this message from your
system. While we make every reasonable effort to keep our network free
from harmful or malicious code, you do need to check this e-mail (and
any attachments) as we take no responsibility for any harmful or
malicious code transferred by this e-mail.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Salau, Yemi
Sent: 12 September 2007 14:11
To: Prasad Shemrudkar (pshemrud); Alex Steer; Laidlaw, Patrick A.;
ccielab@groupstudy.com
Subject: RE: The ip nat optional extendable
Where did you get that extendable means overloading? I thought Alex said
"I was under the impression extendable keyword means the overloading PAT
router will try to map to the same port number where ever possible."
He didn't say extendable is same as overloading/PAT, extendable enxtends
the address translation to layer 4 ... Patting uses same layer 3 address
with random port numbers to detect who is who, extendable gives the
capability to nat layer 3 and layer 4 at the same time.
Many Thanks
Yemi Salau
-----Original Message-----
From: Prasad Shemrudkar (pshemrud) [mailto:pshemrud@cisco.com]
Sent: Wednesday, September 12, 2007 1:30 PM
To: Salau, Yemi; Alex Steer; Laidlaw, Patrick A.; ccielab@groupstudy.com
Subject: RE: The ip nat optional extendable
Guys,
If extendable is overloading then what is overloading? Does this mean
the even if I do not need PAT, the IOS will automatically PAT (by way of
using extendable option)?
TIA,
Prasad
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Salau, Yemi
Sent: Tuesday, September 11, 2007 2:04 PM
To: Alex Steer; Laidlaw, Patrick A.; ccielab@groupstudy.com
Subject: RE: The ip nat optional extendable
Exactly Alex, extendable option extends NAT capability to port level
(Transport Layer) .... Even if you don't specify it on your ip nat line,
lovely ios adds it for you automatically. This does not necessarily have
to be same port though, so I can nat at both layer 3 and layer 4 .... In
a nut shell, I believe the extendable option "extends" translation
capability to layer 4.
So if I do "ip nat inside source static tcp 1.1.1.1 80 2.2.2.2 80", even
if I don't add the extendable option, ios adds it for you automatically,
and this can be seen clearly with "sh run I I ip nat"
Many Thanks
Yemi Salau
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Alex Steer
Sent: Monday, September 10, 2007 10:29 PM
To: Laidlaw, Patrick A.; ccielab@groupstudy.com
Subject: RE: The ip nat optional extendable
I was under the impression extendable keyword means the overloading PAT
router will try to map to the same port number where ever possible.
Obviously this might not work often with say port 80 so it will just use
another port when it can't
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Laidlaw, Patrick A.
Sent: 10 September 2007 21:34
To: ccielab@groupstudy.com
Subject: The ip nat optional extendable
So for all you smart guys out there I've got a question for you.
The optional command "extendable" has a definition on Cisco's website
extendable
(Optional) Extends the transmission. So what in the world does that
mean? What does this optional command actually do for nat.
I've been looking and don't really see anything explaining how it helps
out NAT or what kind of situation you would or would not use it in. I
know I've seen lots of examples with it in them and that it's needed in
many of them but why is it needed.
Patrick Laidlaw
E: patrick.laidlaw@wwt.com
w: www.wwt.com
This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:11 ART