NAT Support for Multiple Pools Using Route Ma…

2008-02-23 04:55:39 Source: Internet


Contents

Introduction
Prerequisites
Requirements
Components Used
Conventions
Background Information
Access List Approach
Host 1 to Host 2
Host 1 to Host 3
Route Map Approach
Host 1 to Host 2
Host 1 to Host 3
Related Information

Introduction

This document explains how the use of access lists versus route maps changes the functionality of Network Address Translation (NAT). For more information on NAT, see Cisco IOS NAT.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

The information in this document is based on these software and hardware versions:

  • Cisco 2500 Series Routers.

  • Cisco IOS® Software Release 12.3(3).

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

Background Information

NAT consults access lists and route maps only when it needs to create a translation entry. If a translation entry that matches the traffic already exists, NAT uses that entry and does not consult any access list or route map. The difference between using an access list and using a route map is the type of translation entry that is created.

Route Maps

When NAT uses a route map to decide to create a translation entry, it will always create a "fully extended" translation entry. This translation entry will contain both the inside and outside (local and global) address entries and any TCP or UDP port information. Refer to NAT: Local and Global Definitions for more information on inside and outside (local and global) addresses.

Access Lists (no overload)

When NAT uses an access list to decide to create a translation entry, it will create a "simple" translation entry. This "simple" entry will only contain local and global IP address entries for just the inside or outside depending on whether the ip nat inside or ip nat outside command is configured. Also, it will not include any TCP or UDP port information.

Access Lists (with overload)

When NAT uses an access list, and overload has also been specified, NAT will create a "fully extended" translation entry. (Refer to Note 1.) The operation is similar to the route-map case, except that a route map has some additional features. Refer to Note 2 for more details. You can see an example of a simple NAT translation entry and a fully extended NAT translation entry by selecting one of the links below:

  • Simple NAT translation entry

  • Fully extended NAT translation entry

Below is an example network diagram we will use to illustrate the difference between using a route map and an access list with NAT.

[Network diagram: nat_routemap1.gif]

In the example network diagram above, it is required that hosts on 10.1.1.0 be translated to the following:

  • 131.108.2.0 when going to 131.108.1.0

  • 131.118.2.0 when going to 131.118.1.0
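
The lookup behavior described under Background Information, applied to this requirement, as an added Python sketch (a simplified model, not Cisco IOS code and not part of the original document). The host addresses are constructed, ports are omitted, and the class and function names are hypothetical.

```python
import ipaddress

# Policy from the page: the destination network selects the pool.
RULES = [  # (network the ACL or route map matches, pool prefix)
    (ipaddress.ip_network("131.108.1.0/24"), "131.108.2."),
    (ipaddress.ip_network("131.118.1.0/24"), "131.118.2."),
]
# Constructed host addresses; the page names only the networks.
HOST1, HOST2, HOST3 = "10.1.1.2", "131.108.1.2", "131.118.1.2"


class Nat:
    """Toy model of dynamic inside source NAT without overload."""

    def __init__(self, extended):
        self.extended = extended  # True: route map, False: access list
        self.table = {}           # translation entries: key -> inside global
        self.bound = {}           # (inside local, pool) -> inside global
        self.used = {prefix: 0 for _, prefix in RULES}

    def translate(self, src, dst):
        # A simple entry is keyed on the inside local address alone; a fully
        # extended entry also records the outside address (ports omitted here).
        key = (src, dst) if self.extended else (src,)
        if key in self.table:     # existing entry is used, rules not consulted
            return self.table[key]
        for net, prefix in RULES:  # rules are consulted only to create an entry
            if ipaddress.ip_address(dst) in net:
                if (src, prefix) not in self.bound:
                    self.used[prefix] += 1
                    self.bound[(src, prefix)] = prefix + str(self.used[prefix])
                self.table[key] = self.bound[(src, prefix)]
                return self.table[key]
        return None               # no rule matched: packet is not translated


def demo(extended):
    """Host 1 talks to Host 2, then to Host 3; return both source addresses."""
    nat = Nat(extended)
    return [nat.translate(HOST1, HOST2), nat.translate(HOST1, HOST3)]


if __name__ == "__main__":
    print("access list:", demo(extended=False))
    print("route map:  ", demo(extended=True))
```

In the access list case the second flow reuses the simple entry and leaves with a pool108 address even though its destination is on 131.118.1.0. On a router, `show ip nat translations` shows which kind of entry was created.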

Access List Approach

With an access list approach, you would do the following to translate the hosts on 10.1.1.0:

ip nat pool pool108 131.108.2.1 131.108.2.254 prefix-length 24
!--- Defines a pool of global addresses to be allocated as needed.
ip nat pool pool118 131.118.2.1 131.118.2.254 prefix-length 24
ip nat inside source list 108 pool pool108
!--- Establishes dynamic source translation, specifying the
!--- access list defined below.
			   
			   
