Chabot College
ELEC 99.08
Network Address Translation
CISCO NETWORKING ACADEMY
Shortcomings of Subnetting:
• Waste (up to 50%)
– Under classful subnetting rules, many addresses are unusable:
• the first (all-zeros) and last (all-ones) subnet
• the first (network) and last (broadcast) address in each subnet
• Rigidity
– The subnet structure is inflexible:
• every subnet is the same size
• the subnet with the largest number of hosts determines the size of all of them
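The waste figure above can be checked directly. The following is an added example, not part of the original slides: it applies the classic subnetting rules (unusable first/last subnet, unusable first/last host) to one Class C network for every legal split, and also shows the effect of allowing subnet zero. The `host_bits_total` parameter generalises it to a Class B (16 host bits); the defaults assume a Class C.

```python
# Added example (not from the original slides): quantify the address waste of
# classful, fixed-length subnetting. Classic rules: at least two subnet bits,
# the all-zeros and all-ones subnets are unusable, and every subnet loses its
# network (first) and broadcast (last) address.


def classful_subnet_usage(subnet_bits, host_bits_total=8, subnet_zero=False):
    """Return (usable_subnets, hosts_per_subnet, usable_hosts, waste_fraction).

    subnet_bits:     bits borrowed from the host field (2 .. host_bits_total-2)
    host_bits_total: 8 for a Class C, 16 for a Class B
    subnet_zero:     True models 'ip subnet-zero' (first and last subnet allowed)
    """
    if not 2 <= subnet_bits <= host_bits_total - 2:
        raise ValueError("need at least 2 subnet bits and 2 host bits")
    total_addresses = 2 ** host_bits_total
    subnets = 2 ** subnet_bits
    usable_subnets = subnets if subnet_zero else subnets - 2
    hosts_per_subnet = 2 ** (host_bits_total - subnet_bits) - 2
    usable_hosts = usable_subnets * hosts_per_subnet
    waste = 1 - usable_hosts / total_addresses
    return usable_subnets, hosts_per_subnet, usable_hosts, waste


def worst_case_waste(host_bits_total=8, subnet_zero=False):
    """Largest waste fraction over all legal splits of one network."""
    return max(
        classful_subnet_usage(b, host_bits_total, subnet_zero)[3]
        for b in range(2, host_bits_total - 1)
    )


if __name__ == "__main__":
    # One Class C, every legal split, classic rules
    for bits in range(2, 7):
        last_octet = 256 - 2 ** (8 - bits)
        subnets, hosts, usable, waste = classful_subnet_usage(bits)
        print(f"255.255.255.{last_octet:<3}  {subnets:2} subnets x {hosts:3} hosts "
              f"= {usable:3} usable, waste {waste:.1%}")
    print(f"worst case: {worst_case_waste():.1%} "
          f"(with subnet zero: {worst_case_waste(subnet_zero=True):.1%})")
```

The two-bit split (255.255.255.192) and the six-bit split (255.255.255.252) both lose just over half of the block, which is where the slide's "up to 50%" comes from; allowing subnet zero halves the loss at the coarse end but not at the fine end, where the per-subnet network and broadcast addresses dominate.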
Case Study:
4CNet IP Address Allocation to Chabot-Las Positas
• Algorithm: (number of hosts) / 254 = number of Class C networks allocated
• Fails to consider network structure.
• Subnets needed for:
– Broadcast control
– WAN links
– Access policy enforcement
Case Study:
4CNet IP Address Allocation to Chabot-Las Positas
• Can we afford the waste & rigidity of subnetting?
• YES, if we run NAT & a large private address space.
Network Address Translation (NAT)
• Private address space (RFC 1918) inside the network
• 4CNet-assigned addresses outside the network
• Translation performed by a Cisco PIX (Private Internet eXchange) firewall
• (Can also be performed by a router.)
How NAT works...
[Diagram: NAT topology, reconstructed from the slide]
• Outside (4CNet-assigned addresses): 4CNet → Cisco 4000M gateway → 209.129.156.0 and 209.129.155.0
– iserver 209.129.156.2
– porter 209.129.156.3
• PIX 520 sits between the 4CNet-assigned addresses and the private addresses; all default traffic comes from 209.129.155.1
• Inside (private addresses): 172.28.110.0, 172.28.112.0, 172.28.254.0
– norma 172.28.110.20
– astro 172.28.112.20
Default Translation
• The PIX assigns a single outside address (209.129.155.1 above) to all traffic sent to the internet: many inside hosts share one address (Port Address Translation).
• Each outbound connection is given its own translated source port; the PIX uses that port (and, for TCP, the session's sequence numbers it tracks) to map returning traffic from established sessions back to the internal host address.
• Traffic arriving from outside that matches no established session is dropped.
• Supports > 16,000 simultaneous sessions.
Address Mapping
Individual internal hosts can also be given a static one-to-one mapping between their private address and an external (4CNet) address:

Internal Host             External (4CNet) IP    Private IP
norma.clpccd.cc.ca.us     209.129.155.32         172.28.110.20
astro.clpccd.cc.ca.us     209.129.155.31         172.28.112.20
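The two translation types on the last two slides (the shared default address and the per-host static mappings) behave differently for traffic arriving from outside. The following is an added example, not code from the original slides or from Cisco: a small model of the PIX translation table using the addresses from the diagram. The port numbers, the outside peers (198.51.100.10, 203.0.113.5) and the starting port of the translated-port pool (1024) are constructed for the example.

```python
# Added example (not from the original slides): model of a PIX doing default
# translation (PAT) on 209.129.155.1 plus static mappings for norma and astro.
# Addresses follow the slides; ports and outside peers are constructed.
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


@dataclass
class Translator:
    inside_net: str = "172.28.0.0/16"       # private space behind the PIX
    global_addr: str = "209.129.155.1"      # single address for all default traffic
    statics: dict = field(default_factory=lambda: {
        "172.28.110.20": "209.129.155.32",  # norma
        "172.28.112.20": "209.129.155.31",  # astro
    })
    by_flow: dict = field(default_factory=dict)    # inside flow -> translated port
    sessions: dict = field(default_factory=dict)   # translated key -> inside endpoint
    next_port: int = 1024                          # assumed start of the port pool

    def outbound(self, pkt: Packet) -> Packet:
        """Inside -> outside: rewrite the source the way the PIX would."""
        if ip_address(pkt.src) not in ip_network(self.inside_net):
            raise ValueError(f"{pkt.src} is not an inside address")
        if pkt.src in self.statics:
            # static one-to-one mapping: only the address changes
            return Packet(self.statics[pkt.src], pkt.sport, pkt.dst, pkt.dport, pkt.proto)
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto)
        if flow not in self.by_flow:
            if self.next_port > 65535:
                raise RuntimeError("translated-port pool exhausted")
            self.by_flow[flow] = self.next_port
            # return traffic is recognised by the translated port together with
            # the outside peer the session was opened to
            self.sessions[(self.next_port, pkt.dst, pkt.dport, pkt.proto)] = (pkt.src, pkt.sport)
            self.next_port += 1
        return Packet(self.global_addr, self.by_flow[flow], pkt.dst, pkt.dport, pkt.proto)

    def inbound(self, pkt: Packet):
        """Outside -> inside: the untranslated packet, or None if the PIX drops it."""
        if pkt.dst == self.global_addr:
            key = (pkt.dport, pkt.src, pkt.sport, pkt.proto)
            if key in self.sessions:
                inside_ip, inside_port = self.sessions[key]
                return Packet(pkt.src, pkt.sport, inside_ip, inside_port, pkt.proto)
            return None  # no established session: unsolicited traffic to the shared address is dropped
        for inside_ip, outside_ip in self.statics.items():
            if pkt.dst == outside_ip:
                # statically mapped hosts can be reached at any time (a real PIX
                # would still apply its access policy before passing this)
                return Packet(pkt.src, pkt.sport, inside_ip, pkt.dport, pkt.proto)
        return None  # not an address we own


def demo():
    """Constructed sample traffic; returns the translated and untranslated packets."""
    pix = Translator()
    web = Packet("172.28.254.77", 40000, "198.51.100.10", 80)  # inside client to a web server
    out = pix.outbound(web)                                    # leaves as 209.129.155.1:1024
    reply = pix.inbound(Packet("198.51.100.10", 80, out.src, out.sport))
    stray = pix.inbound(Packet("203.0.113.5", 1234, pix.global_addr, out.sport))  # wrong peer
    to_norma = pix.inbound(Packet("203.0.113.5", 5555, "209.129.155.32", 25))     # static mapping
    return out, reply, stray, to_norma


if __name__ == "__main__":
    for p in demo():
        print(p)
```

The asymmetry is the practical point: a host behind the default translation is unreachable from outside unless it opened the session itself, while norma and astro are always addressable at their mapped 209.129.155.x addresses, so those are the hosts whose exposure the access policy has to control.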
What problems does NAT solve?
• Allows a huge address space for your net.
• Allows creation of many subnets with many hosts (e.g. a Class B-sized private network such as 172.28.0.0 subnetted with 255.255.255.0 gives up to 256 subnets of 254 hosts each).
• Address waste doesn't matter.
• Rigidity doesn't matter (subnets can be oversized to allow for growth).
• Allows flexible access policies and firewalling.
What problems does NAT solve?
• …and you'll never have to renumber your internal network again: if the 4CNet-assigned block changes, only the PIX's translations change.
What tradeoffs result?
• Capital cost of the box.
• Single point of failure in the connection to the internet.
• Dual (split) DNS required… But this is also an advantage: it lets you decide what the world gets to learn about your internal network.
Dual DNS
[Diagram: split DNS topology, reconstructed from the slide]
• Outside (4CNet-assigned addresses): 4CNet → Cisco 4000M gateway → 209.129.156.0 and 209.129.155.0
– External DNS server: iserver 209.129.156.2
• PIX 520 sits between the 4CNet-assigned addresses and the private addresses
• Inside (private addresses): 172.28.10.0, 172.28.254.0
– Internal DNS server: davis 172.28.101.12
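What the two DNS servers answer is the whole point of the arrangement. The following is an added example, not part of the original slides: a toy split-horizon resolver in which clients on the private side get the internal view (private addresses) and everyone else gets the external view (only the statically mapped hosts, under their 4CNet addresses), plus a check that the external view leaks no RFC 1918 address. Host names and addresses follow the slides; the client addresses used in the example (172.28.254.9 inside, 203.0.113.7 outside) are constructed.

```python
# Added example (not from the original slides): split-horizon DNS views for the
# clpccd.cc.ca.us hosts shown on the slides, selected by client source address.
from ipaddress import ip_address, ip_network

INSIDE_NET = ip_network("172.28.0.0/16")                      # private side of the PIX
PRIVATE_NETS = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Internal view: what davis (172.28.101.12) answers for clients on the private side.
INTERNAL_ZONE = {
    "norma.clpccd.cc.ca.us": "172.28.110.20",
    "astro.clpccd.cc.ca.us": "172.28.112.20",
    "davis.clpccd.cc.ca.us": "172.28.101.12",
    "iserver.clpccd.cc.ca.us": "209.129.156.2",
}

# External view: what iserver (209.129.156.2) answers for the world. Only hosts
# with a static mapping on the PIX appear, and only under their outside address.
EXTERNAL_ZONE = {
    "norma.clpccd.cc.ca.us": "209.129.155.32",
    "astro.clpccd.cc.ca.us": "209.129.155.31",
    "iserver.clpccd.cc.ca.us": "209.129.156.2",
}


def select_view(client_ip):
    """Pick the zone a client is allowed to see from its source address."""
    return INTERNAL_ZONE if ip_address(client_ip) in INSIDE_NET else EXTERNAL_ZONE


def resolve(name, client_ip):
    """Return the A record the client would get, or None for NXDOMAIN."""
    return select_view(client_ip).get(name.lower().rstrip("."))


def private_address_leaks(zone):
    """Names whose answer is an RFC 1918 address; must be empty for the external view."""
    return sorted(
        name for name, addr in zone.items()
        if any(ip_address(addr) in net for net in PRIVATE_NETS)
    )


if __name__ == "__main__":
    for client in ("172.28.254.9", "203.0.113.7"):
        for host in ("norma", "davis"):
            print(client, host, resolve(f"{host}.clpccd.cc.ca.us.", client))
    print("external view leaks:", private_address_leaks(EXTERNAL_ZONE))
```

The leak check is the piece worth automating: a private address that reaches the external zone tells the world about the internal numbering plan without giving it any reachability, which is exactly the information the split is meant to withhold.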