NAT. One pool or many pools for one Inside Global IP

Unanswered Question
Jul 16th, 2009

I have to create access to a list of services via NAT.


Sometimes the inside global IPs (the IP that is seen by the remote side) are equal for different services.


What is the best practice - create a pool on a per-service basis, e.g.


ip nat pool SERVICE1 1.1.1.1 1.1.1.1 netmask 255.255.255.0

ip nat pool SERVICE2 1.1.1.1 1.1.1.1 netmask 255.255.255.0

ip nat pool SERVICE3 1.1.1.1 1.1.1.1 netmask 255.255.255.0


ip nat inside source route-map SERVICE1-MAP pool SERVICE1

ip nat inside source route-map SERVICE2-MAP pool SERVICE2

ip nat inside source route-map SERVICE3-MAP pool SERVICE3


or one pool for all services that have an equal inside global IP, e.g.


ip nat pool 1_1_1_1 1.1.1.1 1.1.1.1 netmask 255.255.255.0


ip nat inside source route-map SERVICE1-MAP pool 1_1_1_1

ip nat inside source route-map SERVICE2-MAP pool 1_1_1_1

ip nat inside source route-map SERVICE3-MAP pool 1_1_1_1


I think that the second way is preferable.

I think that when the router tries to create a new NAT entry it will check - is pool poolname already in use?

If yes, then no new data structure will be created but the already existing one will be used.

So, less memory would be allocated and port overlapping would be impossible.


smalkeric Thu, 07/23/2009 - 08:18

Yes, you are right, the second one is good. One pool for all services that have an equal inside global IP.
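
An added example, not part of either post: a small Python audit that finds `ip nat pool` statements defining the same address range and rewrites the per-service layout into the single-pool layout. It handles only the two statement forms shown in the question, and the shared pool name derived from the address (as in `1_1_1_1`) is an assumed naming rule.

```python
import re
from collections import defaultdict

# Constructed sample: the per-service layout from the question.
SAMPLE = """\
ip nat pool SERVICE1 1.1.1.1 1.1.1.1 netmask 255.255.255.0
ip nat pool SERVICE2 1.1.1.1 1.1.1.1 netmask 255.255.255.0
ip nat pool SERVICE3 1.1.1.1 1.1.1.1 netmask 255.255.255.0
ip nat inside source route-map SERVICE1-MAP pool SERVICE1
ip nat inside source route-map SERVICE2-MAP pool SERVICE2
ip nat inside source route-map SERVICE3-MAP pool SERVICE3
"""

POOL_RE = re.compile(r"^ip nat pool (\S+) (\S+) (\S+) ((?:netmask|prefix-length) \S+)$")
RULE_RE = re.compile(r"^(ip nat inside source route-map \S+ pool) (\S+)(.*)$")

def parse_pools(config):
    """Map each pool name to its (start, end, mask clause) tuple."""
    pools = {}
    for raw in config.splitlines():
        m = POOL_RE.match(" ".join(raw.split()))
        if m:
            pools[m.group(1)] = m.groups()[1:]
    return pools

def duplicate_pools(config):
    """Group pool names that define exactly the same address range."""
    by_range = defaultdict(list)
    for name, rng in parse_pools(config).items():
        by_range[rng].append(name)
    return {rng: names for rng, names in by_range.items() if len(names) > 1}

def consolidate(config):
    """Rewrite the config so each address range is defined by a single pool."""
    pools = parse_pools(config)
    # Assumed naming rule; also assumes equal start/end implies an equal mask.
    shared = {r: "_".join(dict.fromkeys(r[:2])).replace(".", "_") for r in pools.values()}
    out = []
    for raw in config.splitlines():
        line = " ".join(raw.split())
        pool, rule = POOL_RE.match(line), RULE_RE.match(line)
        if pool:
            rng = pool.groups()[1:]
            line = f"ip nat pool {shared[rng]} {' '.join(rng)}"
            if line in out:  # this range already has its single pool
                continue
        elif rule and rule.group(2) in pools:
            line = f"{rule.group(1)} {shared[pools[rule.group(2)]]}{rule.group(3)}"
        out.append(line)
    return out
```

Run against `SAMPLE`, `duplicate_pools` reports the three SERVICE pools as one group and `consolidate` produces the second layout from the question.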
