Jump to content


Need help to understand IP NAT inside/outside


  • Please log in to reply
No replies to this topic

#1 diya

diya

    Member

  • Members
  • PipPip
  • 93 posts

Posted 03 May 2013 - 04:45 AM

Hi Guys,

 

I think I have something missing in understanding the differece between IP NAT inside and outside,

 

 

After Testing them too many times in my LAB I found out :
 

1-The IP NAT inside source Static translates the inside local source address into global inside and does translate the destination address in oppsite direcion "from inside global to inside local".

 

 

 

2-The IP NAT outside source Static translates the outside global source address into outside local and doesn’t translate the destination address in oppsite direcion from local outside to global inside.

 

 

 

Until know it is OK, they simply follow same logic, the only difference comes out in  opposite traffic " either return traffic or traffic orginated from opposite direction"

 

but the problem is that this rule will break when I do NAT to translate RIP Multcast address to unicast,

 

the command required is: Ip nat outside source static udp neighbourAdd 520 224.0.0.9 520

 

First question, from the the above 2 rules, my first impression, I should be able to tranaslate the rip multicast traffic using both command IP NAT inside Source static and IP NAT outside Source static, with just replacing the assignmnet of INSIDE and OUTSIDE in the interface, but it Didn't, only the outside source static command working!.

 

 

Second, which actually blows out my mind !The NAT outsude command only apworks plies when it is designed in opposite direction of the RIP traffic which is compltetly in contrast of 2nd rule!!

 

just replace the multicast address of 224.0.0.9 in the nat command with a unicast address and the nat doesn't work which exactly follows the 2nd rule! Why my rule just applies to unicast traffic and doesn't apply to the RIP example?

 

" i see the NAT works or not by the command debug IP nat de, and watching the logs"

 

I am working on this This issue for 3 days and I read most cisco documents, but they don't talk much ablut the difference between inside & outside natting, so  I would appreciate very much any help to clarifying out this issue, and if you need any more details, please  post and I am up for it.

 

 

Thanks


Edited by diya, 03 May 2013 - 04:49 AM.

  • 0





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users