NAT and DHCP
(Network Address Translation and Dynamic Host Configuration Protocol)
Andrew Smith
This session will cover
• The sharing of one (or a few) IP addresses by translation
• Reduction of demand for ‘internet’ IP addresses
• The automatic issue of IP addresses to hosts on a large-scale system, without the need to configure each host
We will be working on a derivation of the standard WAN mesh used in all Day Schools
NAT (Network Address Translation)
• Used to aggregate (collect) a range of addresses, usually private, into one (or a few) externally recognisable addresses
NAT (Network Address Translation)
• Cisco defines the following NAT terms:
– Inside local address – The IP address assigned to a host on the inside network. The address is usually not an IP address assigned by the Internet Network Information Center (InterNIC) or service provider. This address is likely to be an RFC 1918 private address.
– Inside global address – A legitimate IP address assigned by the InterNIC or service provider that represents one or more inside local IP addresses to the outside world.
– Outside local address – The IP address of an outside host as it is known to the hosts on the inside network.
– Outside global address – The IP address assigned to a host on the outside network. The owner of the host assigns this address.
NAT (Network Address Translation)
[Diagram: NAT address types. Labels: Inside local; Inside global address (10.x.x.x translated as 103.0.2.9); Outside global address (when 128.23.2.2 is seen as 10.254.254.254 to the local hosts); Outside global address]
NAT (Network Address Translation)
• Normally NAT will translate a range of addresses to a network
• For example, you could have 10.x.x.x translated to 101.1.1.1 – 101.1.1.5
• PAT (Port Address Translation) uses one address and sends each connection on a new (unique) TCP port, with the potential of 65535, though most systems (routers) can only cope with 2000
• This means 10.x.x.x, 172.16.x.x or 192.168.x.x can be translated through one address; most ADSL/broadband routers do this
NAT (Network Address Translation)
• Static translation: the creation of a 1:1 relationship between an external and an internal address, set up when you have an externally facing server (like mail or web) on a NAT-translated network
• Dynamic translation: when a host is allocated an address or ‘port’ via NAT/PAT
DHCP (Dynamic Host Configuration Protocol)
• Allows a ‘large’ or ‘small’ scale system to issue addresses to all hosts (from workstations to servers and printers) rather than the admin having to set the IP address on each device.
• The address is leased for a defined period of time.
• Your ISP may do this; your ADSL/broadband router may do this
DHCP (Dynamic Host Configuration Protocol)
• Done using UDP, on ports 67 (DHCP server) and 68 (DHCP host)
• The host must receive
– An issued IP address
– The default gateway address (which may also be the router, but please be aware a DHCP server can run autonomously)
– Subnet mask
– DNS server address, which may be internal or externally available
• WINS, domain name and other parameters can also be issued
DHCP (Dynamic Host Configuration Protocol)
• Addresses may be issued by
– Automatic allocation – DHCP assigns a permanent IP address to a client.
– Manual allocation – The IP address for the client is assigned by the administrator. DHCP conveys the address to the client.
– Dynamic allocation – DHCP assigns, or leases, an IP address to the client for a limited period of time.
NAT and DHCP configuration
Please ensure your router(s) are configured as per the normal infrastructure
NAT configuration
access-list 1 permit 172.16.0.0 0.0.0.255
! Overload (PAT) onto the address of the outside interface, not the inside one
ip nat inside source list 1 interface Serial0/0 overload
interface FastEthernet0/0
 ip nat inside
interface Serial0/0
 ip nat outside
DHCP configuration
service dhcp
ip dhcp pool sanfranciscopool
 network 172.16.0.0 255.255.255.0
 default-router 172.16.0.1
 dns-server 172.16.0.2
 domain-name widgetsrus.co.uk
 netbios-name-server 172.16.0.3
 exit
! Keep the router, DNS and NetBIOS server addresses out of the pool
ip dhcp excluded-address 172.16.0.1 172.16.0.10
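An added example, not part of the original slides: a Python decoder for the parameters a host receives in a DHCP message, compared against the pool configured above so that a lease handed out by a different DHCP server stands out. The sample offer is built in the code rather than captured; the 86400-second lease time and all function names are assumptions.

```python
import ipaddress, struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie after the 236-byte BOOTP header
ADDR_OPTS = {1: "subnet_mask", 3: "default_router", 6: "dns_server", 44: "netbios_name_server"}
EXPECTED = {"subnet_mask": ["255.255.255.0"], "default_router": ["172.16.0.1"],  # pool values
            "dns_server": ["172.16.0.2"], "netbios_name_server": ["172.16.0.3"],
            "domain_name": "widgetsrus.co.uk"}

def parse_dhcp(packet):
    """Decode the offered address (yiaddr) and the RFC 2132 options into a dict."""
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    lease, i = {"yiaddr": str(ipaddress.IPv4Address(packet[16:20]))}, 240
    while i < len(packet) and packet[i] != 255:      # 255 = End option
        code = packet[i]
        if code == 0:                                # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(packet) or i + 2 + packet[i + 1] > len(packet):
            raise ValueError("truncated option")
        value = packet[i + 2:i + 2 + packet[i + 1]]
        if code in ADDR_OPTS and value and len(value) % 4 == 0:
            lease[ADDR_OPTS[code]] = [str(ipaddress.IPv4Address(value[j:j + 4]))
                                      for j in range(0, len(value), 4)]
        elif code == 15:
            lease["domain_name"] = value.decode("ascii", "replace")
        elif code == 51 and len(value) == 4:
            lease["lease_seconds"] = struct.unpack("!I", value)[0]
        i += 2 + len(value)                          # other options are skipped
    return lease

def mismatches(lease):
    """Settings that differ from the pool, plus 'yiaddr' if it is not a leasable address."""
    bad = sorted(k for k, v in EXPECTED.items() if lease.get(k) != v)
    addr = ipaddress.IPv4Address(lease["yiaddr"])
    # 172.16.0.0/24 minus the excluded range 172.16.0.1 to 172.16.0.10
    if not ipaddress.IPv4Address("172.16.0.11") <= addr <= ipaddress.IPv4Address("172.16.0.254"):
        bad.append("yiaddr")
    return bad

def sample_offer(router="172.16.0.1", yiaddr="172.16.0.11"):
    """Constructed DHCPOFFER for this example (built here, not a capture)."""
    ip = lambda a: ipaddress.IPv4Address(a).packed
    opt = lambda code, data: bytes([code, len(data)]) + data
    header = bytes([2]) + bytes(15) + ip(yiaddr) + bytes(216)   # op = BOOTREPLY, yiaddr
    opts = (opt(53, b"\x02") + opt(1, ip("255.255.255.0")) + opt(3, ip(router)) +
            opt(6, ip("172.16.0.2")) + opt(15, b"widgetsrus.co.uk") +
            opt(44, ip("172.16.0.3")) + opt(51, struct.pack("!I", 86400)))
    return header + MAGIC + opts + b"\xff"
```

An empty result from `mismatches(parse_dhcp(sample_offer()))` means the lease matches the pool; any name it returns is a setting the host did not get from this router's configuration.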
Testing the configuration
To check DHCP
Run ‘ipconfig’ to check the DHCP address has been obtained
Run ‘ipconfig /release’ to release the automatically assigned address.
Run ‘ipconfig /renew’ to receive a new DHCP-leased address
To check NAT
You must ping the near-side interface on the far router from the host on the LAN
For example, from the computer on the Madrid LAN you must ping 100.0.0.1 -t; note the ‘-t’ means continuous (no timeout)
On each router, issue the ‘clear ip nat translation *’ command, then the ‘show ip nat translations’ command
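The PAT behaviour described earlier and the ‘show ip nat translations’ check above, as an added example that is not part of the original slides: a Python parser for that table which attributes a translated connection back to its inside host and lists inside addresses that access-list 1 does not cover. The sample table, the 100.0.0.2 and 100.0.0.5 inside global addresses and all function names are constructed for this example.

```python
import ipaddress

# Constructed sample in the column layout of 'show ip nat translations';
# all addresses and ports are made up for this example.
SAMPLE = """\
Pro Inside global      Inside local       Outside local      Outside global
icmp 100.0.0.2:512     172.16.0.11:512    100.0.0.1:512      100.0.0.1:512
tcp 100.0.0.2:1025     172.16.0.11:49152  100.0.0.1:80       100.0.0.1:80
tcp 100.0.0.2:1026     172.16.0.12:49152  100.0.0.1:80       100.0.0.1:80
tcp 100.0.0.2:1027     172.16.1.20:50000  100.0.0.1:23       100.0.0.1:23
--- 100.0.0.5          172.16.0.5         ---                ---
"""

def endpoint(field):
    """Split 'addr:port'; static rows carry no port and unused columns show '---'."""
    if field == "---":
        return None, None
    addr, _, port = field.partition(":")
    return addr, (int(port) if port else None)

def parse_translations(text):
    """Return one dict per table row; the header splits into 9 tokens and is skipped."""
    names = ("inside_global", "inside_local", "outside_local", "outside_global")
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        row = {"proto": parts[0]}
        row.update({n: endpoint(f) for n, f in zip(names, parts[1:])})
        rows.append(row)
    return rows

def acl_permits(addr, base="172.16.0.0", wildcard="0.0.0.255"):
    """Wildcard match as in 'access-list 1 permit 172.16.0.0 0.0.0.255' (0 bits must match)."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (int(ipaddress.IPv4Address(base)) & care)

def inside_host_for(rows, proto, global_addr, global_port):
    """Attribute a connection seen outside as global_addr:global_port to its inside host."""
    for r in rows:
        if r["proto"] == proto and r["inside_global"] == (global_addr, global_port):
            return r["inside_local"]
    return None

def outside_acl(rows):
    """Inside local addresses that have a translation but are not covered by access-list 1."""
    return sorted({r["inside_local"][0] for r in rows if not acl_permits(r["inside_local"][0])})

if __name__ == "__main__":
    table = parse_translations(SAMPLE)
    print(inside_host_for(table, "tcp", "100.0.0.2", 1026))
    print(outside_acl(table))
```

Because every PAT connection shares one inside global address, the translated port is the only thing that ties an outside log entry to an inside host, so the table has to be read before ‘clear ip nat translation *’ removes it.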