This Question is Answered
4146 Views 5 Replies Latest reply: Aug 25, 2012 7:47 AM by cammy

NAT Pool Addresses and IP address of outside interface?

May 25, 2009 5:38 AM

Chris 811 posts since
Jul 25, 2008

Hello All,

 

I'm reviewing the CCNA Skills Review Topology from "31 Days Before Your CCNA Exam," and I need clarification concerning:

The book has a NAT outside interface leading to an ISP using PPP with a pool of addresses from: 209.165.200.240 - 209.165.200.245/29.

However, the IP address of the outside interface is: 209.165.201.1/30

Is this possible? How is it that the IP address on the interface can reside in a different subnet than the NAT pool of addresses on the same interface? Is IOS intelligent enough to handle this? How does the ISP router "route" data to an interface with more than one subnet hanging off of it?

 

TIA

  • Conwyn 7,914 posts since
    Sep 10, 2008

    Hi Vlan

     

    This is a guess: sometimes you can ask an ISP for a fixed static pool. You get the normal IP address in one range and a group in another.

    Since you are NATing your source address, the ISP recognises it from your paid pool and will send traffic back to the normal interface.

    This is a guess; it could also be a typing error.

     

    Regards Conwyn

  • Chris Buscemi 203 posts since
    Mar 16, 2009

    The ISP router would route the packets the same way that any router would. By that, I mean a router can have routes to several different subnets all pointing to the same router, some of which may be connected to that router, others may not.

     

    The ISP's router would just have to know that all of those IP addresses are to be routed to the interface configured on the router. The router that is running NAT would then just do the appropriate translating.

     

    I could be wrong, but you should be able to use any pool of NAT addresses, regardless of the configured address on the interface, as long as all of the addresses in the pool are good public addresses. And, like Conwyn said, that is all between you and the ISP.

     

     

    Chris

  • Paul Stewart  -  CCIE Security, CCSI 6,952 posts since
    Jul 18, 2008

    VLAN,

     

    If the IP address pool is a shared space with the outside interface, the ISP will share the route information with the interface. For example, the outside address could be 1.1.1.1/24, the pool could happen to be 1.1.1.2-253, and the gateway at the ISP could be 1.1.1.254. Then the ISP would see anything at 1.1.1.x as directly connected to that router and would distribute that route within their infrastructure. If this happens to be an Ethernet interface, it will ARP for each IP address and receive a value for the outside MAC address.

    If the IP address pool is separate from the interface address space, the ISP will simply route anything to the address space of the pool to the IP address assigned to the interface. In either case, the router doesn't care because this only has to do with how the packets are framed at layer 2. The frames make it to the router based on being framed at layer 2 for the destination of the outside interface (in either case). The NAT process will do the address manipulation as it is received at the interface with the "ip nat outside" statement. This is a difficult concept to explain, but the fact that you asked the question shows that you understand some quite important concepts.
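The separate-pool case described in the replies above, written out as an IOS configuration for both ends of the PPP link. This is an added example, not part of the original thread or the book. The pool range and the 209.165.201.1/30 outside address come from the question; the interface names, the inside LAN 192.168.1.0/24, ACL 1, the pool name ISP_POOL, the use of overload, and the ISP-side address 209.165.201.2 (the other host in the /30) are assumptions.

```cisco
! ---------- Customer router (performs NAT) ----------
! Assumed inside LAN and interface names; not from the thread.
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
!
interface Serial0/0/0
 description PPP link to ISP
 ip address 209.165.201.1 255.255.255.252
 encapsulation ppp
 ip nat outside
!
! Inside hosts that are allowed to be translated (assumed ACL number).
access-list 1 permit 192.168.1.0 0.0.0.255
!
! Pool range as given in the question. It sits in 209.165.200.240/29,
! a different subnet from the /30 on Serial0/0/0.
ip nat pool ISP_POOL 209.165.200.240 209.165.200.245 netmask 255.255.255.248
ip nat inside source list 1 pool ISP_POOL overload
!
! Default route toward the ISP end of the /30.
ip route 0.0.0.0 0.0.0.0 209.165.201.2
!
! ---------- ISP router ----------
interface Serial0/0/0
 description PPP link to customer
 ip address 209.165.201.2 255.255.255.252
 encapsulation ppp
!
! The pool is not a connected network anywhere. The ISP reaches it
! through a static route whose next hop is the customer's outside
! interface address, so return traffic arrives on the "ip nat outside"
! interface and is translated back there.
ip route 209.165.200.240 255.255.255.248 209.165.201.1
```

On the customer router, `show ip nat translations` lists the pool addresses in use; on the ISP router, `show ip route 209.165.200.240` should show the static route via 209.165.201.1.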

  • cammy 3 posts since
    Jun 18, 2009

    Thanks for posting this.  I was looking at a similar NAT example and wondering how it could possibly work.
