網(wǎng)絡地址翻譯Network Address Translation_第1頁
網(wǎng)絡地址翻譯Network Address Translation_第2頁
網(wǎng)絡地址翻譯Network Address Translation_第3頁
網(wǎng)絡地址翻譯Network Address Translation_第4頁
網(wǎng)絡地址翻譯Network Address Translation_第5頁
已閱讀5頁,還剩24頁未讀, 繼續(xù)免費閱讀

下載本文檔

版權說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權,請進行舉報或認領

文檔簡介

1、 2006, Shenzhen Polytechnic. All rights reserved.1網(wǎng)絡地址翻譯網(wǎng)絡地址翻譯Network Address Translation 深圳職業(yè)技術學院計算機系網(wǎng)絡專業(yè)深圳職業(yè)技術學院計算機系網(wǎng)絡專業(yè) 2006, Shenzhen Polytechnic. All rights reserved.2教學目標(教學目標( Objectives )1.私有地址(私有地址(Private Addressing )2. NAT操作(操作(NAT Operation)3. NAT分類(分類(NAT Class)4. 配置配置NAT (Configuring N

2、AT) 5. NAT排錯排錯(Troubleshooting NAT Configuration) 2006, Shenzhen Polytechnic. All rights reserved.3IP Address Class and RangeClass A:Class B:Class C:1-126128-191192-223127 is lost, why? 2006, Shenzhen Polytechnic. All rights reserved.4公網(wǎng)地址和私有地址公網(wǎng)地址和私有地址( Public Address and Private Address)1. 公網(wǎng)地址必須被

3、注冊公網(wǎng)地址必須被注冊 Public Internet addresses must be registered by a company with an Internet authority. 2. 私有地址被保留,并可以被任何人使用私有地址被保留,并可以被任何人使用 Private IP addresses are reserved and can be used by anyone. 2006, Shenzhen Polytechnic. All rights reserved.5私有地址范圍(私有地址范圍(Private Address Range) 2006, Shenzhen Po

4、lytechnic. All rights reserved.6Catalyst 4006Catalyst 6509教學樓教學樓工業(yè)中心工業(yè)中心信息大樓信息大樓行政大樓行政大樓圖書館圖書館Catalyst 6509Catalyst 2948GCatalyst 2948GCatalyst 2948GCatalyst 3548GCatalyst 3548Cisco 7206Internet163165CernetBackbone ChannelChannelLoadBalance上期已鋪光纖本期待鋪光纖Channel深職院二期網(wǎng)絡核心拓撲圖深職院二期網(wǎng)絡核心拓撲圖HSRP 2006, Shenzh

5、en Polytechnic. All rights reserved.7NAT操作(操作(NAT Operation) 2006, Shenzhen Polytechnic. All rights reserved.81. NAT典型工作存根網(wǎng)絡的邊緣典型工作存根網(wǎng)絡的邊緣A NAT enabled device typically operates at the border of a stub network. 2. 邊界路由器執(zhí)行邊界路由器執(zhí)行NAT功能,將內(nèi)部私有地功能,將內(nèi)部私有地址轉(zhuǎn)換成公網(wǎng)可路由的地址。址轉(zhuǎn)換成公網(wǎng)可路由的地址。The border gateway router

6、 performs the NAT process, translating the internal private address of a host to a public, external routable address. NAT操作(操作(NAT Operation) 2006, Shenzhen Polytechnic. All rights reserved.91. Inside local address 指定給內(nèi)部主機使用的地址指定給內(nèi)部主機使用的地址The IP address assigned to a host on the inside network. 2. I

7、nside global address 從從SP或或NIC注冊的地址,即內(nèi)部主注冊的地址,即內(nèi)部主機地址被機地址被NAT轉(zhuǎn)換的外部地址轉(zhuǎn)換的外部地址A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world. 3. Address Pool-NIC或或SP分配使用的多個地址分配使用的多個地址IP addresses assigned by the NIC or service

8、provider NAT術語(術語(NAT Terms) 2006, Shenzhen Polytechnic. All rights reserved.101.靜態(tài)靜態(tài)NAT 靜態(tài)靜態(tài)NAT的特征是內(nèi)部主機地址被一對一映射到外的特征是內(nèi)部主機地址被一對一映射到外部主機地址部主機地址 Static NAT is designed to allow one-to-one mapping of local and global addresses. NAT分類(分類(NAT Class)Pc1:10.1.1.1-200.200.200.1Pc2:10.1.1.2-200.200.200.2Pc3:

9、10.1.1.3-Pc4:10.1.1.4-200.200.200.2?X 2006, Shenzhen Polytechnic. All rights reserved.11NAT分類(分類(NAT Class)2. 動態(tài)動態(tài)NAT動態(tài)動態(tài)NAT的特征是內(nèi)部主機使用地址池中的公網(wǎng)地址來的特征是內(nèi)部主機使用地址池中的公網(wǎng)地址來映射映射Dynamic NAT is designed to map a private IP address to a public address. Any IP address from a pool of public IP addresses is assign

10、ed to a network host. Pc1:10.1.1.1-200.200.200.1Pc2:10.1.1.2-200.200.200.2Pc3:10.1.1.3-Pc4:10.1.1.4-200.200.200.2? 2006, Shenzhen Polytechnic. All rights reserved.123. 端口復用端口復用(PAT) 端口復用的特征是內(nèi)部多個私有地址通過不同的端端口復用的特征是內(nèi)部多個私有地址通過不同的端口被映射到一個公網(wǎng)地址,口被映射到一個公網(wǎng)地址,Overloading, or Port Address Translation (PAT), ma

11、ps multiple private IP addresses to a single public IP address. Multiple addresses can be mapped to a single address because each private address is tracked by a port number. 理想狀況下,一個單一的理想狀況下,一個單一的IP地址可以使用的端口數(shù)為地址可以使用的端口數(shù)為4000個。個。 Realistically, the number of ports that can be assigned a single IP ad

12、dress is around 4000. NAT分類(分類(NAT Class) 2006, Shenzhen Polytechnic. All rights reserved.13PAT特征(特征(PAT Features) 2006, Shenzhen Polytechnic. All rights reserved.14配置配置NAT (Configuring NAT) 2006, Shenzhen Polytechnic. All rights reserved.15靜態(tài)靜態(tài)NAT配置實例配置實例 (Static NAT Example) 2006, Shenzhen Polytec

13、hnic. All rights reserved.16靜態(tài)靜態(tài)NAT配置實例配置實例 (Static NAT Example)r1(config)#ip nat inside source static 10.1.1.2 200.200.200.3r1(config)#ip nat inside source static 10.1.1.3 200.200.200.4r1(config)#interface f0/0r1(config-if)#ip nat inside r1(config)#int s0/0r1(config-if)#ip nat outside 2006, Shenzhe

14、n Polytechnic. All rights reserved.17靜態(tài)靜態(tài)NAT配置實例配置實例 (Static NAT Example)r1# debug ip nat IP NAT debugging is on00:11:09: NAT: s=10.1.1.2-200.200.200.3, d=2.2.2.2 4093600:11:09: NAT*: s=2.2.2.2, d=200.200.200.3-10.1.1.2 4093600:11:10: NAT*: s=10.1.1.2-200.200.200.3, d=2.2.2.2 40938r1# sh ip nat tran

15、slations Pro Inside global Inside local Outside local Outside global- 200.200.200.3 10.1.1.2 - - 200.200.200.4 10.1.1.3 - - 2006, Shenzhen Polytechnic. All rights reserved.18動態(tài)動態(tài)NAT配置實例配置實例 (Dynamic NAT Example) 2006, Shenzhen Polytechnic. All rights reserved.19動態(tài)動態(tài)NAT配置實例配置實例 (Dynamic NAT Example)r

16、1(config)#ip nat pool NAT 200.200.200.3 200.200.200.50 netmask 255.255.255.0r1(config)#access-list 1 permit 10.1.1.0 0.0.0.255r1(config)#ip nat inside source list 1 pool NATr1(config)#interface f0/0r1(config-if)#ip nat inside r1(config)#int s0/0r1(config-if)#ip nat outside 2006, Shenzhen Polytechnic

17、. All rights reserved.20動態(tài)動態(tài)NAT配置實例配置實例 (Dynamic NAT Example)r1# debug ip nat 00:45:40: NAT: s=10.1.1.2-200.200.200.3, d=2.2.2.2 3893000:45:40: NAT*: s=2.2.2.2, d=200.200.200.3-10.1.1.2 3893000:46:03: NAT: s=10.1.1.3-200.200.200.4, d=2.2.2.2 3896100:46:03: NAT*: s=2.2.2.2, d=200.200.200.4-10.1.1.3 3

18、896100:46:27: NAT: s=10.1.1.4-200.200.200.5, d=2.2.2.2 3899300:46:27: NAT*: s=2.2.2.2, d=200.200.200.5-10.1.1.4 38993 2006, Shenzhen Polytechnic. All rights reserved.21動態(tài)動態(tài)NAT配置實例配置實例 (Dynamic NAT Example)r1#sh ip nat translations Pro Inside global Inside local Outside local Outside global- 200.200.

19、200.3 10.1.1.2 - - 200.200.200.4 10.1.1.3 - - 200.200.200.5 10.1.1.4 - -r1#clear ip nat translation *r1#sh ip nat translations 2006, Shenzhen Polytechnic. All rights reserved.22 動態(tài)動態(tài)NAT深入研究(深入研究(Dynamic NAT Further Study)如果我們已經(jīng)用完地址池中的地址,將發(fā)生如果我們已經(jīng)用完地址池中的地址,將發(fā)生什么事情?什么事情? If we have used all available

20、public address in pool, what will happen in next translation? 2006, Shenzhen Polytechnic. All rights reserved.23動態(tài)動態(tài)NAT深入研究(深入研究(Dynamic NAT Further Study)01:07:36: NAT: translation failed (A), dropping packet s=10.1.1.3 d=2.2.2.2r1#01:07:37: NAT: translation failed (A), dropping packet s=10.1.1.3 d

21、=2.2.2.2以上結(jié)果表明以上結(jié)果表明NAT轉(zhuǎn)換失敗,并將丟包轉(zhuǎn)換失敗,并將丟包 2006, Shenzhen Polytechnic. All rights reserved.24PAT配置實例配置實例 (PAT Example) 2006, Shenzhen Polytechnic. All rights reserved.25PAT配置實例配置實例 (PAT Example)r1(config)#ip nat pool NAT 200.200.200.3 200.200.200.50 netmask 255.255.255.0r1(config)#access-list 1 permit 10.1.1.0 0.0.0.255r1(config)#ip nat inside source list 1 pool NAT overloadr1(config)#interface f0/0r1(config-if)#ip nat inside r1(config)#int s0/0r1(config-if)#ip nat outside r1(config)#ip route 0.0.0.0 0.0.0.0 200

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會有圖紙預覽,若沒有圖紙預覽就沒有圖紙。
  • 4. 未經(jīng)權益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負責。
  • 6. 下載文件中如有侵權或不適當內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準確性、安全性和完整性, 同時也不承擔用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

評論

0/150

提交評論