CCNA 5.0
Planning Guide
Chapter 5: Network Address
Translation for IPv4
Connecting Networks
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
1
Chapter 5: Objectives
 Describe NAT characteristics.
 Describe the benefits and drawbacks of NAT.
 Configure static NAT using the CLI.
 Configure dynamic NAT using the CLI.
 Configure PAT using the CLI.
 Configure port forwarding using the CLI.
 Configure NAT64.
 Use show commands to verify NAT operation.
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
2
Chapter 5: Overview
 All public IPv4 addresses that transverse the Internet must be
registered with a Regional Internet Registry (RIR). However, with a
theoretical maximum of 4.3 billion addresses, IPv4 address space
is severely limited.
 With the proliferation of personal computing and the advent of the
World Wide Web, it soon became obvious that 4.3 billion IPv4
addresses would not be enough.
 The long term solution was IPv6, but more immediate solutions to
address exhaustion were required.
 For the short term, several solutions were implemented by the
IETF, including Network Address Translation (NAT) and RFC
1918, Address Allocation for Private Internets.
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
3
Chapter 5: Overview (cont.)
The chapter describes:
 How NAT, combined with the use of private address space, is used
to both conserve and more efficiently use IPv4 addresses to provide
networks of all sizes access to the Internet.
 NAT characteristics, terminology, and general operations.
 Three different types of NAT are static NAT, dynamic NAT, and
NAT with overloading.
 The benefits and disadvantages of NAT.
 The configuration, verification, and analysis of static NAT, dynamic
NAT, and NAT with overloading.
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
4
Chapter 5: Overview (cont.)
The chapter describes:
 How port forwarding can be used to access an internal devices from
the Internet.
 Troubleshooting NAT using show and debug commands.
 How NAT for IPv6 is used to translate between IPv6 addresses and
IPv4 addresses.
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
5
Chapter 5: Activities
What activities are associated with this chapter?
 5.0.1.2 Class Activity – Conceptual NAT
 5.1.1.6 Activity – Identify the NAT Terminology
 5.1.2.6 Packet Tracer – Investigating NAT Operation
 5.2.1.1 Syntax Checker – Configuring Static NAT
 5.2.1.4 Packet Tracer – Configuring Static NAT
 5.2.2.2 Syntax Checker – Configuring Dynamic NAT
 5.2.2.5 Packet Tracer – Configuring Dynamic NAT
 5.2.2.6 Lab – Configuring Dynamic and Static NAT
 5.2.3.1 Syntax Checker – Configuring PAT: Address Pool
 5.2.3.2 Syntax Checker – Configuring PAT: Single Address
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
6
Chapter 5: Activities (cont.)
What activities are associated with this chapter?
 5.2.3.5 Activity – Identifying the Address Information at Each Hop
 5.2.3.6 Packet Tracer – Implementing Static and Dynamic NAT
 5.2.3.7 Lab – Configuring Port Address Translation (PAT)
 5.2.4.4 Packet Tracer – Configuring Port Forwarding on a Linksys
Router
 5.3.1.3 Case Study – Troubleshooting NAT
 5.3.1.4 Packet Tracer – Verifying and Troubleshooting NAT
Configurations
 5.3.1.5 Lab – Troubleshooting NAT Configurations
 5.4.1.1 Class Activity – NAT Check
 5.4.1.2 Packet Tracer – Skills Integration Challenge
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
7
Chapter 5: Packet Tracer Activity Password
The password for all the Packet Tracer activities in this chapter is:
PT_ccna5
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
8
Chapter 5: Assessment
 Students should complete Chapter 5 Exam after completing
Chapter 5.
 Worksheets, labs and quizzes can be used to informally assess
student progress.
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
9
Chapter 5: New Terms and Commands
What terms and commands are introduced in this chapter?
5.1.1.1
5.1.1.3
5.1.2.1
Presentation_ID
Network Address Translation (NAT)
Private Address
Public Address
RFC 1918
Inside Local Address
Inside Global Address
Outside Local Address
Outside Global Address
Inside Address
Outside Address
Local Address
Global Address
Static Network Address Translation (Static NAT)
Dynamic Network Address Translation (Dynamic NAT)
Port Address Translation (PAT)
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
10
Chapter 5: New Terms and Commands
(cont.)
What terms and commands are introduced in this chapter?
5.2.1.3
5.2.2.2
5.2.2.4
5.2.3.1
5.2.4.1
5.2.4.3
5.2.5.1
5.3.1.2
Presentation_ID
show ip nat statistics command
clear ip nat statistics command
show ip nat statistics command
show ip nat translations command
ip nat pool command
ip nat inside source list access-list-number pool name command
ip nat translation timeout command
clear ip nat translation * command
Overload
Port Forwarding
ip nat inside source command
NAT64
Unique Local Address (ULA)
debug ip nat command
debug ip nat detailed command
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
11
Chapter 5: Best Practices
 Prior to teaching Chapter 5, the instructor should complete the
Chapter 5 Assessment.
 Ensure all the activities are completed. This is a very important
concept and hands-on time is vital.
 Basic NAT Troubleshooting information:
http://www.cisco.com/en/US/customer/tech/tk648/tk361/technologi
es_tech_note09186a0080094c32.shtml
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
12
Chapter 5: Additional Help
 For additional help with teaching strategies, including lesson plans,
analogies for difficult concepts, and discussion topics, visit the
CCNA Community at http://community.netacad.net/web/ccna/files.
 If you have lesson plans or resources that you would like to share,
upload them to the CCNA Community to help other instructors.
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
13
Chapter 5: Topics Not in 200-101 ICND2
 This section lists topics covered by this chapter that are NOT listed
in the 200-101 ICND2 Blueprint. Those topics are posted at
http://www.cisco.com/web/learning/exams/list/icnd2b.html
 Instructors could skip these sections; however, they should provide
additional information and fundamental concepts to assist the
student with the topic.
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
14
Chapter 5: Topics Not in 200-101 ICND2
What sections of this chapter are NOT in the 200-101 ICND2
certification blueprint?
5.0.1.1
5.0.1.2
5.1
5.2
5.4
Presentation_ID
Introduction
Conceptual NAT
Section – NAT Operation
Section – Configuring NAT
Section - Summary
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
15
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
16
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
17