Sunday, December 5, 2010

NAT: Local and Global Definitions

Term Definitions

Cisco defines these terms as:
  • Inside local address—The IP address assigned to a host on the inside network. This is the address configured as a parameter of the computer OS or received via dynamic address allocation protocols such as DHCP. The address is likely not a legitimate IP address assigned by the Network Information Center (NIC) or service provider.
  • Inside global address—A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world.
  • Outside local address—The IP address of an outside host as it appears to the inside network. Not necessarily a legitimate address, it is allocated from an address space routable on the inside.
  • Outside global address—The IP address assigned to a host on the outside network by the host owner. The address is allocated from a globally routable address or network space.
These definitions still leave a lot to be interpreted. For this example, this document redefines these terms by first defining local address and global address. Keep in mind that the terms inside and outside are NAT definitions. Interfaces on a NAT router are defined as inside or outside with the NAT configuration commands, ip nat inside and ip nat outside. Networks to which these interfaces connect can then be thought of as inside networks or outside networks, respectively.


  • Local address—A local address is any address that appears on the inside portion of the network.
  • Global address—A global address is any address that appears on the outside portion of the network.


    ip nat inside source static 10.10.10.1 171.16.68.5 
    
    !--- Inside host is known by the outside host as 171.16.68.5.
    
    interface s 0
    ip nat inside
    
    interface s 1
    ip nat outside
     
    Router#show ip nat translations
    
    Pro     Inside global      Inside local       Outside local      Outside global
    ---     171.16.68.5        10.10.10.1            ---                 ---
     
     

Define Outside Local and Outside Global Addresses

In this configuration, when the NAT router receives a packet on its outside interface with a source address of 171.16.68.1, the source address is translated to 10.10.10.5. This also means that if the NAT router receives a packet on its inside interface with a destination address of 10.10.10.5, the destination address is translated to 171.16.68.1.

    ip nat outside source static 171.16.68.1 10.10.10.5
    
    !--- Outside host is known to the inside host as 10.10.10.5.
    
    interface s 0
    ip nat inside
    
    interface s 1
    ip nat outside

In the ideal condition, the output of the show ip nat translations command is as shown here:

    Router#show ip nat translations
    
    Pro     Inside global      Inside local       Outside local      Outside global
    ---     ---                ---                10.10.10.5         171.16.68.1
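
The two static translations above, modelled together in Python as an added example (not Cisco's code and not part of the original post). It assumes both `ip nat inside source static` and `ip nat outside source static` are configured on the same router and ignores routing order of operations; all function and variable names are hypothetical.

```python
# Added illustration: simplified model of this page's two static NAT entries.
from typing import NamedTuple


class Packet(NamedTuple):
    src: str
    dst: str


# ip nat inside source static 10.10.10.1 171.16.68.5
INSIDE = {"10.10.10.1": "171.16.68.5"}    # inside local   -> inside global
# ip nat outside source static 171.16.68.1 10.10.10.5
OUTSIDE = {"171.16.68.1": "10.10.10.5"}   # outside global -> outside local


def _reverse(table):
    return {new: old for old, new in table.items()}


def inside_to_outside(pkt):
    """Packet arrives on the 'ip nat inside' interface and leaves outside."""
    return Packet(
        src=INSIDE.get(pkt.src, pkt.src),             # inside local -> inside global
        dst=_reverse(OUTSIDE).get(pkt.dst, pkt.dst),  # outside local -> outside global
    )


def outside_to_inside(pkt):
    """Packet arrives on the 'ip nat outside' interface and leaves inside."""
    return Packet(
        src=OUTSIDE.get(pkt.src, pkt.src),            # outside global -> outside local
        dst=_reverse(INSIDE).get(pkt.dst, pkt.dst),   # inside global -> inside local
    )


def classify(addr):
    """Name the NAT term for an address that appears in either table."""
    for table, key_term, value_term in ((INSIDE, "inside local", "inside global"),
                                        (OUTSIDE, "outside global", "outside local")):
        if addr in table:
            return key_term
        if addr in table.values():
            return value_term
    return "untranslated"


if __name__ == "__main__":
    print(inside_to_outside(Packet("10.10.10.1", "10.10.10.5")))
    print(outside_to_inside(Packet("171.16.68.1", "171.16.68.5")))
```

The same flow therefore shows up with different address pairs in logs captured on each side of the router, which matters when correlating inside and outside records.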
