06-25-2008 11:24 AM
Hi guys
If I am using source nat in ACE (One IP address 10.10.10.200) used for all client address translations.
What would be the difference between the nat-pools configured with different netmask.
What is the recommended netmask for pat, 255.255.255.255 or Vlan interface's Mask (/24 in this case)
and why?
case1:
interface vlan 7
ip address 10.10.10.100 255.255.255.0
nat-pool 1 10.10.10.200 10.10.10.200 netmask 255.255.255.0 pat
service-policy input clientvips
no shutdown
case2:
interface vlan 7
ip address 10.10.10.100 255.255.255.0
nat-pool 1 10.10.10.200 10.10.10.200 netmask 255.255.255.255 pat
service-policy input clientvips
no shutdown
Thanks in Advance
A.
06-25-2008 09:50 PM
I always use a netmask matching the subnet.
But actually it can be whatever you want.
The netmask is not being used.
Gilles.
06-25-2008 11:02 PM
Gilles
Thanks a lot. It makes more sense now.
I posted another question for an ACE design validation. Could you please validate this
I am planning to deploy ACE module in following manner:
> ACE will be in one arm mode ( Only one vlan connected to the ACE).
> Vips & Rservers (all serverfarms) will be in the same Vlan X.
> Default gateway on the ACE & Real servers will be the upstream router
> There will be Source NAT configured for all Serverfarms.
ACE --- Vlan X -------Router--- internet
.................|
.................|-- Sfarm 1
.................|
.................|-- Sfarm 2
.................|
.................|-- Sfarm n
I am pretty sure that it should work.
Just wanted an expert opinion.
Thanks
06-26-2008 02:49 AM
Perfectly valid design.
Gilles.
09-19-2008 08:58 AM
Hi,
The netmasks are both correct for the pools, however if the mask was 255.255.255.252, the address would fall on the network portion, so the only valid addresses would be 201, and 202. Giles might correct me for the ACE.
Gary
09-22-2008 12:22 AM
Gary is correct.
The netmask is actually used (it wasn't before but it is now) to determine what addresses in the pool should not be used (broadcast addresses).
G.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide