CCNA 5.0 Planning Guide
Chapter 5: Network Address Translation for IPv4
Connecting Networks
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

Chapter 5: Objectives
Describe NAT characteristics.
Describe the benefits and drawbacks of NAT.
Configure static NAT using the CLI.
Configure dynamic NAT using the CLI.
Configure PAT using the CLI.
Configure port forwarding using the CLI.
Configure NAT64.
Use show commands to verify NAT operation.

Chapter 5: Overview
All public IPv4 addresses that traverse the Internet must be registered with a Regional Internet Registry (RIR). However, with a theoretical maximum of 4.3 billion addresses, IPv4 address space is severely limited.
With the proliferation of personal computing and the advent of the World Wide Web, it soon became obvious that 4.3 billion IPv4 addresses would not be enough.
The long-term solution was IPv6, but more immediate solutions to address exhaustion were required. For the short term, several solutions were implemented by the IETF, including Network Address Translation (NAT) and RFC 1918, Address Allocation for Private Internets.

Chapter 5: Overview (cont.)
The chapter describes:
How NAT, combined with the use of private address space, is used to both conserve and more efficiently use IPv4 addresses to provide networks of all sizes access to the Internet.
NAT characteristics, terminology, and general operations.
Three different types of NAT are static NAT, dynamic NAT, and NAT with overloading.
The benefits and disadvantages of NAT.
The configuration, verification, and analysis of static NAT, dynamic NAT, and NAT with overloading.

Chapter 5: Overview (cont.)
The chapter describes:
How port forwarding can be used to access internal devices from the Internet.
Troubleshooting NAT using show and debug commands.
How NAT for IPv6 is used to translate between IPv6 addresses and IPv4 addresses.

Chapter 5: Activities
What activities are associated with this chapter?
5.0.1.2 Class Activity – Conceptual NAT
5.1.1.6 Activity – Identify the NAT Terminology
5.1.2.6 Packet Tracer – Investigating NAT Operation
5.2.1.1 Syntax Checker – Configuring Static NAT
5.2.1.4 Packet Tracer – Configuring Static NAT
5.2.2.2 Syntax Checker – Configuring Dynamic NAT
5.2.2.5 Packet Tracer – Configuring Dynamic NAT
5.2.2.6 Lab – Configuring Dynamic and Static NAT
5.2.3.1 Syntax Checker – Configuring PAT: Address Pool
5.2.3.2 Syntax Checker – Configuring PAT: Single Address

Chapter 5: Activities (cont.)
What activities are associated with this chapter?
5.2.3.5 Activity – Identifying the Address Information at Each Hop
5.2.3.6 Packet Tracer – Implementing Static and Dynamic NAT
5.2.3.7 Lab – Configuring Port Address Translation (PAT)
5.2.4.4 Packet Tracer – Configuring Port Forwarding on a Linksys Router
5.3.1.3 Case Study – Troubleshooting NAT
5.3.1.4 Packet Tracer – Verifying and Troubleshooting NAT Configurations
5.3.1.5 Lab – Troubleshooting NAT Configurations
5.4.1.1 Class Activity – NAT Check
5.4.1.2 Packet Tracer – Skills Integration Challenge

Chapter 5: Packet Tracer Activity Password
The password for all the Packet Tracer activities in this chapter is: PT_ccna5

Chapter 5: Assessment
Students should complete Chapter 5 Exam after completing Chapter 5.
Worksheets, labs and quizzes can be used to informally assess student progress.

Chapter 5: New Terms and Commands
What terms and commands are introduced in this chapter?
5.1.1.1 5.1.1.3 5.1.2.1
Network Address Translation (NAT)
Private Address
Public Address
RFC 1918
Inside Local Address
Inside Global Address
Outside Local Address
Outside Global Address
Inside Address
Outside Address
Local Address
Global Address
Static Network Address Translation (Static NAT)
Dynamic Network Address Translation (Dynamic NAT)
Port Address Translation (PAT)

Chapter 5: New Terms and Commands (cont.)
What terms and commands are introduced in this chapter?
5.2.1.3 5.2.2.2 5.2.2.4 5.2.3.1 5.2.4.1 5.2.4.3 5.2.5.1 5.3.1.2
show ip nat statistics command
clear ip nat statistics command
show ip nat statistics command
show ip nat translations command
ip nat pool command
ip nat inside source list access-list-number pool name command
ip nat translation timeout command
clear ip nat translation * command
Overload
Port Forwarding
ip nat inside source command
NAT64
Unique Local Address (ULA)
debug ip nat command
debug ip nat detailed command

Chapter 5: Best Practices
Prior to teaching Chapter 5, the instructor should complete the Chapter 5 Assessment.
Ensure all the activities are completed. This is a very important concept and hands-on time is vital.
Basic NAT Troubleshooting information: http://www.cisco.com/en/US/customer/tech/tk648/tk361/technologies_tech_note09186a0080094c32.shtml

Chapter 5: Additional Help
For additional help with teaching strategies, including lesson plans, analogies for difficult concepts, and discussion topics, visit the CCNA Community at http://community.netacad.net/web/ccna/files.
If you have lesson plans or resources that you would like to share, upload them to the CCNA Community to help other instructors.

Chapter 5: Topics Not in 200-101 ICND2
This section lists topics covered by this chapter that are NOT listed in the 200-101 ICND2 Blueprint. Those topics are posted at http://www.cisco.com/web/learning/exams/list/icnd2b.html
Instructors could skip these sections; however, they should provide additional information and fundamental concepts to assist the student with the topic.

Chapter 5: Topics Not in 200-101 ICND2
What sections of this chapter are NOT in the 200-101 ICND2 certification blueprint?
5.0.1.1  Introduction
5.0.1.2  Conceptual NAT
5.1      Section – NAT Operation
5.2      Section – Configuring NAT
5.4      Section – Summary