实验42: PAT 配置
1.
实验目的
通过本实验可以掌握:
(1)PAT 的特征
(2)overload 的使用
(3)PAT 配置和调试
2.
拓扑结构
实验拓扑如图所示。
3.
实验步骤
注:配置路由器提供NAT 服务
动态NAT 的过期时间是86400 秒,PAT 的过期时间是60 秒,通过命令“show ip nat
translations verbose”可以查看。也可以通过下面的命令来修改超时时间:
R1(config)#ip nat translation timeout
timeout
参数timeout 的范围是0-2147483。
r1(config)#int f0/0
r1(config-if)#ip add 192.168.64.4 255.255.255.0
r1(config-if)#no sh
r1(config-if)#exit
r1(config)#int s
*Mar 1 00:02:07.791: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar 1 00:02:08.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
r1(config)#int s1/0
r1(config-if)#ip add 202.96.1.1 255.255.255.0
r1(config-if)#no sh
r1(config-if)#
*Mar 1 00:02:43.351: %LINK-3-UPDOWN: Interface Serial1/0, changed state to up
*Mar 1 00:02:44.351: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up
r1(config-if)#
*Mar 1 00:03:13.071: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to down
r1(config-if)#
*Mar 1 00:03:33.055: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up
r1(config-if)#exit
r1(config)#router eigrp 1
r1(config-router)#no au
r1(config-router)#net 192.168.64.0
r1(config-router)#net 202.96.1.0
r1(config-router)#
*Mar 1 00:04:44.683: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 202.96.1.2 (Serial1/0) is up: new adjacency
r1(config-router)#ip nat pool cisco 202.96.1.3 202.96.1.100 net 255.255.255.0
r1(config)#ip nat
*Mar 1 00:05:57.195: %LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed state to up
r1(config)#ip nat inside source list 1 pool cisco
r1(config)#no ip nat inside source list 1 pool cisco
r1(config)#ip nat inside source list 1 pool cisco overload//配置PAT
r1(config)#access-list 1 permit 192.168.64.0
0.0.0
.255
r1(config)#int f0/0
r1(config-if)#ip nat in
r1(config-if)#exit
r1(config)#int s1/0
r1(config-if)#ip nat out
r1(config-if)#exit
r1(config)#router eigrp 1
r1(config-router)#no net 192.168.64.0
r1(config-router)#do debug ip nat
IP NAT debugging is on
r1(config-router)#
*Mar 1 00:11:58.327: NAT: expiring 202.96.1.3 (192.168.64.3) icmp 512 (512)
r1(config-router)#
*Mar 1 00:12:11.639: NAT: expiring 202.96.1.3 (192.168.64.3) icmp 512 (512)
r1(config-router)#
*Mar 1 00:12:27.763: NAT*: s=192.168.64.3->202.96.1.3, d=
1.1.1
.1 [422]
*Mar 1 00:12:27.823: NAT*: s=
1.1.1
.1, d=202.96.1.3->192.168.64.3 [422]
*Mar 1 00:12:28.759: NAT*: s=192.168.64.3->202.96.1.3, d=
1.1.1
.1 [423]
r1(config-router)#
*Mar 1 00:12:28.807: NAT*: s=
1.1.1
.1, d=202.96.1.3->192.168.64.3 [423]
*Mar 1 00:12:29.759: NAT*: s=192.168.64.3->202.96.1.3, d=
1.1.1
.1 [424]
*Mar 1 00:12:29.787: NAT*: s=
1.1.1
.1, d=202.96.1.3->192.168.64.3 [424]
r1(config-router)#
*Mar 1 00:12:30.755: NAT*: s=192.168.64.3->202.96.1.3, d=
1.1.1
.1 [425]
*Mar 1 00:12:30.787: NAT*: s=
1.1.1
.1, d=202.96.1.3->192.168.64.3 [425]
r1(config-router)#do sh ip nat translation
Pro Inside global Inside local Outside local Outside global
icmp 202.96.1.3:512 192.168.64.3:512
1.1.1
.1:512
1.1.1
.1:512
r1(config-router)#do sh ip nat sta
Total active translations: 1 (0 static, 1 dynamic; 1 extended)
Outside interfaces:
Serial1/0
Inside interfaces:
FastEthernet0/0
Hits: 21 Misses: 3
CEF Translated packets: 24, CEF Punted packets: 0
Expired translations: 2
Dynamic mappings:
-- Inside Source
[Id: 2] access-list 1 pool cisco refcount 1
pool cisco: netmask 255.255.255.0
start 202.96.1.3 end 202.96.1.100
type generic, total addresses 98, allocated 1 (1%), misses 0
Queued Packets: 0
r1(config-router)#
R2(config)#int loo 1
R2(config-if)#ip ad
*Mar 1 00:02:49.995: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
R2(config-if)#ip add
1.1.1
.1 255.255.255.0
R2(config-if)#int s0/0
R2(config-if)#ip add 202.96.1.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#
*Mar 1 00:03:27.791: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
*Mar 1 00:03:28.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R2(config-if)#exit
R2(config)#router eigrp 1
R2(config-router)#no au
R2(config-router)#net 202.96.1.0
R2(config-router)#net
1.1.1
.0
R2(config-router)#
*Mar 1 00:04:44.291: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 202.96.1.1 (Serial0/0) is up: new adjacency
r1(config-router)#
pc:
本文转自gauyanm 51CTO博客,原文链接:http://blog.51cto.com/gauyanm/241840,如需转载请自行联系原作者