CCNA4 M1 Scaling IP Address

CCNA – Semester 4

Module 1: Scaling IP Address

Objectives

• Scaling networks with NAT and PAT

• Dynamic Host Configuration Protocol

Scaling networks with NAT and PAT

Introducing NAT

• NAT is designed to conserve IP addresses and enable networks to use private IP addresses on internal networks.

• These private, internal addresses are translated to routable, public addresses.

NAT terms

• Inside local address – The IP address assigned to a host on the inside network (not a legitimate IP address; an RFC 1918 private address).

• Inside global address – A legitimate IP address that represents one or more inside local IP addresses to the outside world.

• Outside local address – The IP address of an outside host as it is known to the hosts on the inside network.

• Outside global address – The IP address assigned to a host on the outside network. The owner of the host assigns this address.

Major NAT and PAT features

• NAT translations can be used for a variety of purposes and can be either dynamically or statically assigned.

• Dynamic NAT is designed to map a private IP address to a public address.

• Overloading, or Port Address Translation (PAT), maps multiple private IP addresses to a single public IP address.

• Realistically, the number of ports that can be assigned to a single IP address is around 4000.

NAT advantages

• Eliminates reassigning each host a new IP address when changing to a new ISP.

• Conserves addresses through application port-level multiplexing.

• Protects network security.

• Reduces address overlap occurrence.

NAT disadvantages

• Translation introduces switching path delays and processing overhead.

• Loss of IP end-to-end traceability.

• Certain applications will not function with NAT enabled.

Cisco IOS NAT

Configure static NAT

Static translation

Configure dynamic NAT

Dynamic NAT example

Configure PAT

Clear NAT table

Show NAT translation

Troubleshooting NAT and PAT configuration

• Use the following steps to determine whether NAT is operating as expected:

– Based on the configuration, clearly define what NAT is supposed to achieve.

– Verify that correct translations exist in the translation table.

– Verify the translation is occurring by using show and debug commands.

– Review in detail what is happening to the packet and verify that routers have the correct routing information to move the packet along.
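The static NAT, dynamic NAT and PAT configuration and the verification commands named above, as an added example that is not part of the original slides. It uses the lab addressing plan with x = 1; the interface names, the pool name SITE1 and the host address 10.1.0.10 are assumptions.

```cisco
! Constructed example for site x = 1 of the lab addressing plan.
! Interface names, pool name and host addresses are assumptions.
interface FastEthernet0/0
 ip address 10.1.0.1 255.255.0.0
 ip nat inside
!
interface Serial0/0
 ip address 203.162.1.1 255.255.255.252
 ip nat outside
!
! Static NAT: inside local 10.1.0.10 is always presented as
! inside global 172.20.1.1. The mapping also makes the host
! reachable from outside, so filter inbound traffic to it.
ip nat inside source static 10.1.0.10 172.20.1.1
!
! Dynamic NAT: hosts permitted by ACL 1 borrow an address
! from the pool (remaining usable addresses of 172.20.1.0/28).
access-list 1 permit 10.1.0.0 0.0.255.255
ip nat pool SITE1 172.20.1.2 172.20.1.14 netmask 255.255.255.240
ip nat inside source list 1 pool SITE1
!
! PAT (overloading): use one of these instead of the line above.
! ip nat inside source list 1 pool SITE1 overload
! ip nat inside source list 1 interface Serial0/0 overload
!
! NAT removes end-to-end traceability; logging each translation
! lets an outside address and port be tied back to an inside host.
ip nat log translations syslog
!
! Verification (privileged EXEC mode):
!   show ip nat translations     - entries in the translation table
!   show ip nat statistics       - hits, misses, pool usage
!   debug ip nat                 - per-packet translation events
!   clear ip nat translation *   - remove all dynamic entries
```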

Debug IP NAT

Dynamic Host Configuration Protocol

Introducing DHCP

• Dynamic Host Configuration Protocol (DHCP) works in a client/server mode.

• DHCP enables DHCP clients on an IP network to obtain their configurations from a DHCP server.

• Less work is involved in managing an IP network when DHCP is used.

• The DHCP protocol is described in RFC 2131.

Easy IP

• Cisco routers can use a Cisco IOS feature set, Easy IP, to offer an optional, full-featured DHCP server.

• Easy IP leases configurations for 24 hours by default.

• The DHCP service is enabled by default on versions of Cisco IOS that support it.

• To disable DHCP service, use the no service dhcp command.

BOOTP and DHCP

• Both protocols are client/server based and use UDP ports 67 and 68. Those ports are still known as BOOTP ports.

• The four basic IP parameters:

– IP address

– Gateway address

– Subnet mask

– DNS server address

DHCP Operation

DHCP Messages

• If the client detects that the address is already in use on the local segment, it will send a DHCPDECLINE message and the process starts again.

• If the client receives a DHCPNAK from the server after sending the DHCPREQUEST, then it will restart the process.

• If the client no longer needs the IP address, the client sends a DHCPRELEASE message to the server.

CISCO IOS DHCP

• Cisco IOS DHCP server always checks to make sure that an address is not in use before the server offers it to a client.

• By default, the router will issue 2 ICMP echo requests (pings) to a pool address before sending the DHCPOFFER to a client.

Configuring DHCP

Excluding IP

Key DHCP Server Commands

Verifying DHCP operation

• To verify the operation of DHCP, the command show ip dhcp binding can be used.

• To verify that messages are being received or sent by the router, use the command show ip dhcp server statistics.

Troubleshooting DHCP

Network services

• Remote clients will broadcast to locate servers while routers, by default, will not forward client broadcasts beyond their subnet.

IP helper-address

• When possible, administrators should use the ip helper-address command to relay broadcast requests for these key UDP services.

• By default, the ip helper-address command forwards the following eight UDP services:

– Time

– TACACS

– DNS

– BOOTP/DHCP Server

– BOOTP/DHCP Client

– TFTP

– NetBIOS Name Service

– NetBIOS Datagram Service

DHCP Relay
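A DHCP server and relay configuration covering the commands described above, as an added example that is not part of the original slides. It uses the lab addressing plan with x = 1; the pool names, department subnets, DNS server address and interface names are assumptions. The relay part also turns off forwarding of the other default UDP services so that only BOOTP/DHCP broadcasts are relayed.

```cisco
! Constructed example for site x = 1; pool names, subnets,
! DNS server address and interface names are assumptions.
!
! --- Router acting as DHCP server (LAN address 10.1.10.1) ---
service dhcp
! Keep statically assigned addresses out of the pools
ip dhcp excluded-address 10.1.10.1 10.1.10.20
ip dhcp excluded-address 10.1.20.1 10.1.20.20
!
ip dhcp pool DEPT-A
 network 10.1.10.0 255.255.255.0
 default-router 10.1.10.1
 dns-server 10.1.10.5
 lease 1
!
! Pool for a department behind another router (served via relay)
ip dhcp pool DEPT-B
 network 10.1.20.0 255.255.255.0
 default-router 10.1.20.1
 dns-server 10.1.10.5
 lease 1
!
! Pings sent to a pool address before it is offered (default 2)
ip dhcp ping packets 2
!
! --- Router on the remote department subnet (DHCP relay) ---
interface FastEthernet0/1
 ip address 10.1.20.1 255.255.255.0
 ip helper-address 10.1.10.1
!
! Relay only BOOTP/DHCP: stop forwarding the other default services
no ip forward-protocol udp 37
no ip forward-protocol udp 49
no ip forward-protocol udp 53
no ip forward-protocol udp 69
no ip forward-protocol udp 137
no ip forward-protocol udp 138
!
! Verification on the server (privileged EXEC mode):
!   show ip dhcp binding
!   show ip dhcp server statistics
```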

Summary

• NAT and PAT concepts and operation

• NAT and PAT configuration and troubleshooting

• Comparison between DHCP and BOOTP

• Cisco Router DHCP configuration

• DHCP relay with ip helper-address

Lab Topology

Lab Requirements

1. NAT/PAT

• Each site uses network address 10.x.0.0/16. The global address is 172.20.x.0/28. The network connecting to Center is 203.162.x.0/30.

• Configuring a static NAT mapping and dynamic NAT

2. DHCP

• Each site uses the router as a DHCP server to provide IP addresses to the department network.
