
New Member

Nat using network address?

Hi

I have found the attached PDF in Cisco documentation for CCNA4 Exploration. I don't understand how this can be right. How can I use the network or broadcast address for NAT mapping? Please explain to me how this works.

3 REPLIES
Cisco Employee

Re: Nat using network address?

Hi,

1. The ACL defines which sourced traffic can be NAT translated.

2. ip nat pool defines local global addresses.

So, traffic sourced from 192.168.10.0/24, 192.168.20.0/24, and 192.168.30.0/24 will be local inside addresses and will be translated to one of the local global addresses of the NAT pool, "209.165.202.128" ~ "130".

It is PAT with the overload command.

NAT will start using the available TCP/UDP ports of 209.165.202.128 and move to 209.165.202.129 after it consumes all available ports of 209.165.202.128.

R2(config)#ip access-list standard R2NAT

R2(config-std-nacl)# permit 192.168.10.0 0.0.0.255

R2(config-std-nacl)# permit 192.168.20.0 0.0.0.255

R2(config-std-nacl)# permit 192.168.30.0 0.0.0.255

R2(config)#ip nat pool R2POOL 209.165.202.128 209.165.202.130 netmask 255.255.255.252

R2(config)#ip nat inside source list R2NAT pool R2POOL overload

KK

New Member

Re: Nat using network address?

Well, it's not quite like this. On GNS it starts translating at .129 and only uses .129 and .130. This was my actual problem: 209.165.202.128/30 is a network address, not a valid IP address. So how can NAT translate into a network address?

If I force a static NAT using .128 it actually works. I don't understand why, but it seems that the ip route command (ISP(config)#ip route 209.165.202.128 255.255.255.224 serial0/0/0 from that PDF) doesn't care if the routed IP address is a network/broadcast IP.

It seems that from a /30 range I can use not two but all 4 addresses if I use 2 static translations. Am I correct?

Cisco Employee

Re: Nat using network address?

Hi,

By default, "ip classless" is configured on an IOS router and is not shown in sh run.

With ip classless enabled, you can use all 4 IPs on a /30 subnet (or, you can say, all IP addresses in any subnet).

Here is a good document about it.

http://www.cisco.com/en/US/docs/ios/11_3/np1/configuration/guide/1cipadr.html#wp1404

Enable Classless Routing Behavior

At times, a router might receive packets destined for a subnet of a network that has no network default route. http://www.cisco.com/en/US/docs/ios/11_3/np1/configuration/guide/1cipadr.html#wp1413 shows a router in network 128.20.0.0 connected to subnets 128.20.1.0, 128.20.2.0, and 128.20.3.0. Suppose the host sends a packet to 128.20.4.1. By default, if the router receives a packet destined for a subnet it does not recognize, the router discards the packet.

Figure 2     No IP Classless Routing

In http://www.cisco.com/en/US/docs/ios/11_3/np1/configuration/guide/1cipadr.html#wp9195, classless routing is enabled in the router. Therefore, when the host sends a packet to 128.20.4.1, instead of discarding the packet, the router forwards the packet to the best supernet route.

Figure 3     IP Classless Routing

To have the Cisco IOS software forward packets destined for unrecognized subnets to the best supernet route possible, perform the following task in global configuration mode:

Task: Enable classless routing behavior.

Command: ip classless
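
The route lookup described in the quoted documentation, as an added example that is not part of the thread or of Cisco's documentation. It is a simplified model of classful versus classless forwarding; the /24 masks, the 128.0.0.0/8 supernet route and the next-hop names are constructed, and the ISP route is the one quoted in the thread.

```python
import ipaddress

def major_network(addr):
    """Classful (A/B/C) network containing addr; class D/E ignored in this sketch."""
    first = int(addr) >> 24
    prefix = 8 if first < 128 else 16 if first < 192 else 24
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)

def lookup(routes, dst, classless=True):
    """Return the next hop for dst by longest-prefix match, or None to drop."""
    dst = ipaddress.ip_address(dst)
    nets = {ipaddress.ip_network(p): hop for p, hop in routes.items()}
    candidates = list(nets)
    if not classless:
        # Classful rule: once any route inside the destination's major
        # network is known, only those routes may match; there is no
        # fallback to a supernet or default route.
        major = major_network(dst)
        known = [n for n in nets if n.subnet_of(major)]
        if known:
            candidates = known
    hits = [n for n in candidates if dst in n]
    return nets[max(hits, key=lambda n: n.prefixlen)] if hits else None

# Router from the quoted documentation: subnets 128.20.1.0 to 128.20.3.0.
# The /24 masks, the supernet route and the hop names are constructed.
ROUTER = {
    "128.20.1.0/24": "connected-1",
    "128.20.2.0/24": "connected-2",
    "128.20.3.0/24": "connected-3",
    "128.0.0.0/8": "supernet-hop",
}

# ISP static route quoted in the thread.
ISP = {"209.165.202.128/27": "serial0/0/0"}

def pool_next_hops():
    """Next hop the ISP route table gives for each address in 209.165.202.128/30."""
    pool = ipaddress.ip_network("209.165.202.128/30")
    return {str(a): lookup(ISP, a) for a in pool}

if __name__ == "__main__":
    print(lookup(ROUTER, "128.20.4.1", classless=False))  # dropped
    print(lookup(ROUTER, "128.20.4.1", classless=True))   # best supernet route
    print(pool_next_hops())
```

The lookup compares the destination against prefixes only, so the first and last addresses of the /30 are matched by the /27 route like any other address.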
