This is the Q&A from from Understanding and troubleshooting of ( NAT) and IP Routing protocol Session -9
NAT related questions:
Q.What happens to next request for Natting, if all IP address from NAT pool is already assigned to private IPs?
A.If you are using dynamic nat (no overload), the packet is not Natted. It is mostly dropped, but at times could be sent un-Natted.
Q.What type of need to be used if i want to allow public users for cisco CUCM and UNIX server?
A.You would need to use static NAT for CUCM and UNIX server so that they can publically accessible over internet.
Q.What is route map?
A.Route maps is use for various purpose depending on the requirement like 1) Conditional route advertisement 2) route-filtering 3) Conditional redistributing routes into an OSPF, RIP, or EIGRP routing process. 4) They are also used when generating a default route into an OSPF routing process.
To know more on Route Maps please check below documents: http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/49111-route-map-bestp.html
Q.What is purpose of expandable option used in NAT?
A.Extendable is added the end of a static NAT entry to make it take precedence over dynamic nat. Cisco routers automatically add it to the end of the static NAT entry in most recent codes.
Q.Can you please share best practices of NAT in L3 switches?
A.Couple of things you need to keep in mind:
Ensure all your private IP's that need to access the internet, are allowed in the NAT statements.
Make sure, if there are IP's within your network that need to be accessed from outside, e.g. web servers etc., they need to be port forwarded, open all the required ports.
Avoid using the log keywords; avoid permit ip any any in the ACL's that you create.
Q.When can we use debug nat statement?
A.Run the debug ip nat translations and debug ip packet commands in order to see if the translations are correct and the correct translation entry is installed in the translation table. Always remember to run debug, with ACL to filter the traffic, if you don't use ACL then you might lose the router (crash and reload).
Q.Is lots NAT translation will effect router performance as we faced an issue of router rebooting where we need to clear NAT translation frequently otherwise it gets reboot?
A.It depends on what kind of router you are using. The difference series of routers have a limit on the amount of traffic and processes that they can handle. This information should be available in the data sheets of the device.so, to answer your question, yes, you can expect problems if you exceed the performance limit on the router. To avoid this, it is best to be aware of the number of users/traffic that will go through the router and utilize the NAT process.
Q.We have multiple VLAN and IP through DHCP what NAT type would be if they want to access outside web server?
A.You can create an ACL matching the entire subnet, which in your case would be the DHCP subnet. This ACL can be used in the NAT statement.
IP Routing Related Questions:
Q.Is inbound load balancing can be managed in router smoothly for multiple ISPs?
A.Inbound load balancing or also called Server side load balancing is special use case.it is does using a “nat called ip nat inside destination”.
Q.Who generates summary LSA in OSPF? ABR or ASBR?
A.ABR is area border router that generates summary LSA .Please go through document to know more on OSPF:
Q.How many routers can be implemented max in OSPF area?
A.It is recommended 50 routers in an area.
Q.What is difference between ASBR & ABR?
A. ASBR is the border router between Autonomous Systems, e.g. a router between an OSPF and an EIGRP process while an ABR is between two or more OSPF areas.
Q.When we run two routers do you need to configure ABR?
A.We don't need to configure area router as ABR.As soon as you have two areas on two interfaces and at least one interface in Area 0 that having a one neighbor up in it will automatically become an ABR.
Q.What is major difference between EIGRP and OSPF?
A.Biggest one will be EIGRP is Cisco Proprietary and OSPF is open but this is changing as Cisco has opened it up and others can implement is as well.
Q.Is there any difference between load balancing and load sharing in EIGRP?
A.EIGRP allows you to do load-balancing over two links but coming to the words themselves, load-balancing is the word more often used to refer to a protocol load balancing traffic while load sharing is used for splitting traffic across physical links.
Q.Can you also explain LSA types?
A.Please refer below OSPF RFC for detail explanation:
Q.What is the difference between E1 and E2 routes in OSPF?
A.E1 and E2 are two types of external routes that you have in OSPF. E2 is the default routes type for routes learned via redistribution. If ASBR is configurable with E1, at this time, routers in the routing domain will learn external networks via ASBR by adding cost on hop by hop basis to destination network.