This is awesome Pavel,
On Tue, May 19, 2009 at 3:26 PM, Pavel Bykov <slidersv_at_gmail.com> wrote:
> Also, just use a structured approach, it's really not that hard.
>
> Here are a couple analogies, that might ease your pain coming together with
> Cisco's terms.
>
> Imagine "inside" and "outside" in terms of building and a chair. A chair
> can
> always be either inside the building or outside the building. It can never
> be at the both places at once and it definitively has to be on one of the
> sides. Same goes for physical location of hosts in the IP network.
>
> Now how you are looking at the chair? You can either be inside the building
> and look at the chair locally, or go outside the building and look at the
> inside chair from outside with the global perspective. So local and global
> defines a viewpoint - where do you look from.
>
> When you are oustside, and you are looking on the inside chair, you look at
> it through window with a global perspective - inside's chair image is
> distorted by the window (read: it's IP adress is translated by the NAT),
> but
> when you are inside the building and looking at the chair locally, it's
> image is not distorted (read: it's IP address is not translated).
>
> Same goes if the chair is outisde the building. If you're outside and the
> chair is outside, you're looking at it with a global perspective, but if
> you
> go inside the building and look at the chair that is outside the building -
> the chair is distorted (translated). So your local view of outside (i.e.
> outside local in Cisco's terms) is distorted by the Window/NAT.
>
> inside local , inside global, outside local and outside global are all
> cisco
> term's that adhere to these concepts
>
> Everything else is just adding to those concepts. NAT POOL are different
> window colors, while ACLs define the types of chairs that can be seen...
> But
> i wouldn't go there with analogies.
>
> Main types of translations are therefore "inside source": how do we see the
> inside chair from outside the building (inside global), and "outside
> source": how do we view the outside chair from inside the building (outside
> local).
>
>
>
>
>
>
> On Mon, May 18, 2009 at 11:43 AM, Dale Shaw <dale.shaw_at_gmail.com> wrote:
>
> > Hi all,
> >
> > I really dislike IOS NAT. Reeeaaallly dislike it. I cut my teeth on
> > NAT on Linux and BSD and it just seems to make so much more sense to
> > me on those systems.
> >
> > The "inside local", "inside global", "outside local" and "outside
> > global" concepts -- why, Cisco? Whhhhhy? And it's just as
> > brain-destroying on PIX/ASA, if you ask me.
> >
> > Anyway, I could whinge and moan about Cisco's implementation all day
> > long, but that's not going to help. Essentially, I'd like to become
> > much better at identifying and applying solutions to NAT scenarios
> > with IOS.
> >
> > I've been setting up NAT on routers for years, and in the end, I can
> > always make it work. For trickier configurations, sure, it takes
> > longer, but I get there. As we all know, though, there's no time for
> > trial and error in the exam room. I want to be able to look at a NAT
> > task and immediately know which interface(s) should be 'inside' and
> > which interface(s) should be 'outside', which of the many NAT
> > configuration options will get the job done, and what "gotchyas" each
> > method comes packaged with (e.g. when static routes are required).
> >
> > Don't get me wrong, I understand how a packet can be transformed by a
> > NAT, it's really just gaining a deeper understanding of Cisco's
> > implementation.
> >
> > So, I guess I'm happy to hear what study material helped you really
> > 'get' NAT - DocCD links, other Cisco.com articles, books, workbooks,
> > whatever - but I'm more interested in the way you approach NAT tasks
> > in terms of logic, strategy and troubleshooting. I personally haven't
> > found a resource yet that gives me the background theory I require to
> > get the most out of practice labs.
> >
> > cheers,
> > Dale
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
> >
>
>
> --
> Pavel Bykov
> ----------------
> Don't forget to help stopping the braindumps, use of which reduces value of
> your certifications. Sign the petition at http://www.stopbraindumps.com/
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- Salah CCIE# 24207 Blogs and organic groups at http://www.ccie.netReceived on Wed May 20 2009 - 01:36:08 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:43 ART