Question on overlap-IP range within organization

Answered Question
May 16th, 2007
User Badges:

Imagine my internal network-organization operates using IP=192.168.1.0/24.


Imagine I have a Department-in-another-corner-of-theworld using private address range 10.0.0.0/8.


Then My-Department-US has some hardcoded devices which require IP address in the range 10.0.0.0/8 in order to operate. Such devices should be placed behind a layer 3 device (router or switch) in order to contain broadcast traffics anyway.


That said, if I let this My-Department-US connect OK on 10.0.0.8/24 and I do #ip nat inside and I translate all inside local addresses on 10.0.0.8/24 using an 'inside global' 192.168.1.0/24 do you see any technical or practical issue in which I should prevent them from using such 10.0.0.0/24 behind this layer 3 device? Just because that IP address range 10.0.0.0/24 conflicts with the Department-inanother-corner-oftheworld that should not be a technical or practical issue to prevent this? Am I right?

Correct Answer by sundar.palaniappan about 9 years 11 months ago

It may or mayn't create problems and that depends on lot of factors. It's very hard to give a correct answer without knowing the whole topology and who is initiating the traffic etc. But, to be sure that you don't run into problems you would want NAT the users on both sides and ensure you have routes to get to the NAT IP range from the remote routers.


HTH


Sundar

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
sundar.palaniappan Wed, 05/16/2007 - 13:56
User Badges:
  • Green, 3000 points or more

It may or mayn't create problems and that depends on lot of factors. It's very hard to give a correct answer without knowing the whole topology and who is initiating the traffic etc. But, to be sure that you don't run into problems you would want NAT the users on both sides and ensure you have routes to get to the NAT IP range from the remote routers.


HTH


Sundar

paulnigel Mon, 08/06/2007 - 21:22
User Badges:

hi Sundar,


how do you configure the route to point to the NATed range of IP? if I am using EIGRP, can I just add the NATed range into the EIGRP?


Thanks much,

pn

Jon Marshall Mon, 08/06/2007 - 22:19
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi Pn


Yes, that is exactly what you do. You can add a route for the Natted address range and redistribute it into EIGRP.


Jon

Actions

This Discussion