×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

How ICMP fragments are handled by devices configured for NAT overloading

Document

Wed, 07/22/2009 - 19:30
Jun 22nd, 2009
User Badges:
  • Gold, 750 points or more

Core Issue

Configuring Network Address Translation (NAT) on a device might be required for these purposes:

  • To hide the actual IP address of the inside hosts
  • To strictly control the ability of the inside devices to access the outside world
  • To strictly control access to inside hosts from the outside world

 

NAT overload or Port Address Translation (PAT) allows multiple internal addresses to be translated to an external address by additionally using port numbers to distinguish between translations. When a device configured for NAT overload receives Internet Control Message Protocol (ICMP) fragments, the manner in which the fragments are handled depends on the order in which fragments are received and the state of the NAT translation table.


Resolution

For information on how ICMP fragments are treated by a device configured for NAT, refer to How NAT Handles ICMP Fragments.


Loading.

Actions

This Document

Related Content