
Exam NAT question

mahesh18
Level 6

Hi all,

An organization has one router that is its border with the outside world. The gateway router is connected to three internal routers. Only the internal routers have feeds to hosts.

NAT needs to be implemented and all the hosts need to be put into a private address space.

The question is whether one should implement NAT on the gateway router, or implement NAT once on each interior router.

What is the "correct" answer?

Thanks

8 Replies

joseph.derrick
Level 1

Hi Mahesh18,

My opinion is to perform NAT on your 3 internal routers and configure a routing protocol between your internal and border routers.

In this way, the border router will free itself up from processes related to network address translation.

Please rate if it helps.

Thanks,

Deejay

foxbatreco
Level 3

NAT should be done on the internal routers themselves, as that's the initial point of contact for the hosts carrying private IPs to move out into the clouds. These internal routers can then use either some dynamic routing protocol to exchange routes between themselves and the border router, or better, can make use of a simple default route to the border one.

This will relieve the border router of unwarranted checks and NAT tables. The NAT table works better if it's near to the emanating traffic for outgoing ones.

Rate if this helps!!!

Hi, thanks for the great help.

michael.leblanc
Level 4

You would do NAT overload (PAT) at the network edge (on the gateway router). All internal interfaces including the outside interfaces of the three internal routers would have private addresses.

All NAT/PAT configuration would be consolidated on the single device. This is also where you would establish static NAT translations for public access to inside servers (if any).

You would likely choose to use a dynamic routing protocol between the gateway router and the three internal routers to facilitate communication between the three innermost LANs.

Hi Michael, thanks for the reply.

So NAT overloading is used as we have more private IP addresses as compared to public IP addresses?

Think in terms of one-to-one, many-to-one, dynamic, and static translations.

PAT is a many-to-one translation. It is often used when you only have one "inside global address" (i.e.: one global IP representing multiple inside hosts).

However, when more than one global IP is available, PAT can co-exist with other translations as well.

NAT can be used to do a static one-to-one translation where one specific private IP is mapped to one specific global IP.

NAT can be used to do dynamic one-to-one translations where a private IP is mapped "temporarily" to a global IP from a pool, and then relinquished when no longer needed, to be used by another host.

You could do static one-to-one for some of your hosts, and dynamic one-to-one for the remaining hosts (using a pool), or alternatively, many-to-one using PAT.
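
The translation types described in the reply above, as an added example that is not part of the original post: a small Python model of a translation table on the gateway router. The class name, the addresses (constructed, from documentation ranges) and the fallback order static, then pool, then PAT are assumptions made for illustration, not router behaviour taken from the thread.

```python
class NatTable:
    """Toy model of inside-local -> inside-global translation (not a router implementation)."""

    def __init__(self, static=None, pool=None, pat_ip=None, first_port=1024):
        self.static = dict(static or {})   # fixed private IP -> public IP
        self.free = list(pool or [])       # public IPs free for dynamic one-to-one
        self.dynamic = {}                  # private IP -> leased public IP
        self.pat_ip = pat_ip               # single public IP shared by many hosts
        self.pat = {}                      # (private IP, private port) -> public port
        self.next_port = first_port

    def translate(self, src_ip, src_port):
        """Return (public IP, public port, mode) for an outbound flow."""
        if src_ip in self.static:                      # static one-to-one
            return self.static[src_ip], src_port, "static"
        if src_ip in self.dynamic:                     # host already holds a lease
            return self.dynamic[src_ip], src_port, "dynamic"
        if self.free:                                  # take a new lease from the pool
            self.dynamic[src_ip] = self.free.pop(0)
            return self.dynamic[src_ip], src_port, "dynamic"
        if self.pat_ip is None:
            raise RuntimeError("pool exhausted and no PAT address configured")
        key = (src_ip, src_port)                       # many-to-one: the port tells hosts apart
        if key not in self.pat:
            self.pat[key] = self.next_port
            self.next_port += 1
        return self.pat_ip, self.pat[key], "pat"

    def release(self, src_ip):
        """Return a dynamic lease to the pool so another host can use it."""
        self.free.append(self.dynamic.pop(src_ip))


def demo():
    # Constructed sample: one server with a static mapping, a two-address pool,
    # and one PAT address for every host that arrives after the pool is used up.
    nat = NatTable(static={"10.1.1.10": "203.0.113.10"},
                   pool=["203.0.113.16", "203.0.113.17"],
                   pat_ip="203.0.113.2")
    flows = [("10.1.1.10", 443), ("10.2.0.5", 50000), ("10.3.0.7", 50000),
             ("10.2.0.9", 50000), ("10.3.0.8", 50000)]
    return [nat.translate(ip, port) for ip, port in flows]


if __name__ == "__main__":
    for row in demo():
        print(row)
```

With PAT, the last two hosts leave with the same public address and differ only in the translated port, so attributing an outside log entry to an inside host needs the (address, port) mapping held on the translating device.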

Thanks for help again

You're welcome.
