Cisco Support Community

New Member

NAT. One pool or many pools for one Inside Global IP

I have to create access to the list of services via NAT.

Sometimes the inside global IPs (the IP that is seen by the remote side) are equal for different services.

What is the best practice: create a pool on a per-service basis, e.g.

ip nat pool SERVICE1 1.1.1.1 1.1.1.1 netmask 255.255.255.0

ip nat pool SERVICE2 1.1.1.1 1.1.1.1 netmask 255.255.255.0

ip nat pool SERVICE3 1.1.1.1 1.1.1.1 netmask 255.255.255.0

ip nat inside source route-map SERVICE1-MAP pool SERVICE1

ip nat inside source route-map SERVICE2-MAP pool SERVICE2

ip nat inside source route-map SERVICE3-MAP pool SERVICE3

or one pool for all services that have an equal global inside IP, e.g.

ip nat pool 1_1_1_1 1.1.1.1 1.1.1.1 netmask 255.255.255.0

ip nat inside source route-map SERVICE1-MAP pool 1_1_1_1

ip nat inside source route-map SERVICE2-MAP pool 1_1_1_1

ip nat inside source route-map SERVICE3-MAP pool 1_1_1_1

I think that the second way is preferable.

I think that when the router tries to create a new NAT entry it will check: is the pool poolname already in use?

If yes, then no new data structure will be created but the already existing one will be used.

So, less memory would be allocated and port overlapping would be impossible.

1 REPLY
Silver

Re: NAT. One pool or many pools for one Inside Global IP

Yes, you are right, the second one is good. One pool for all services that have an equal global inside IP.
