5 Replies Latest reply: Jan 27, 2011 11:03 AM by Terryk RSS

    NAT and nat pools

    Terryk

      hello,

       

      I am trying to understand the natpool "netmask" .  If I want to use just a part of a subnet for the netpool, would I still use a netmask to cover the entire pool?

       

      For example:

       

      129.89.32.40 129.89.32.62 netmask 255.255.255.224

       

      The subnet would actually go from 33 to 63...  is this okay to use the .224?

       

      Are there some rules around the netmask or some suggested appropriate use?

       

      I could have missed it, but I am not seeing this question in the ICND2 but perhaps it is covered.

       

      Thanks for the information,

        • 1. Re: NAT and nat pools
          olliebulle

          Hi Terryk,

           

          The netmask in the command is used to determine what is the network part and the host part of the range you mention. If you don't mention it, the router doesn't know if the 32 for example in the address is part of the network bits or the host bits. With your mask, we know that these bits are network ones.

          • 2. Re: NAT and nat pools
            Terryk

            Yes, I understand this is a mask.  What I don't understand is if it is okay in the above example to use a 224 mask even though I am not using all of the host addresses in this range.  the valid range (I believe) with this netmask would be 33 to 63.  I realize I stated subnets above.  My bad, I meant hosts. 

             

            Does that make more sense?  Sorry for the confusion

            • 3. Re: NAT and nat pools
              olliebulle

              Well, as I understand that, it makes sens the way you type it. The command says : I want to make a NAT pool, with addresses from 129.89.32.40 to 129.89.32.62 and those addresses have the netmask 255.255.255.224, so they belong to the network 129.89.32.32 /27. That doesn't say anywhere to use other addresses than those you mention.

              • 4. Re: NAT and nat pools
                Brian

                Yes, this is perfectly correct.  the net mask must match the subnet to which the IP addresses in your "pool" belong.  While the entire subnet uses the valid host IP addresses 129.89.32.33 - 129.89.32.62, you are saying I want to use only 40 - 62.

                 

                HTH

                 

                • 5. Re: NAT and nat pools
                  Terryk

                  thank you Brian.  this makes sense!