11-06-2001 08:34 PM - edited 03-01-2019 07:16 PM
I am thinking of using Port Address Translation (PAT). I guess several internal addresses can be NATed to only one or a few external addresses by using Port Address Translation (PAT), which I think is also referred to as "overload." Must be a subset of NAT. With the port numbers encoded in 16 bits, the total number could theoretically be as high as 65,536 per IP address. Sounds like an inexhaustible supply to me! Got to be some sort of drawback? If there are few or no drawbacks, how would I configure my 4000 router to do this? I have 4 static addresses (supplied by ISP) and 31/61 users on my side of the router. If you have any questions, don't hesitate to ask for more info. Thanks in advance!
Doug
11-07-2001 01:09 AM
Hi Doug,
As NAT is fast-switched and the address translation process is optimized to be as fast as a route-lookup, the performance hit of implementing multiple NAT translations should be negligible.
Memory usage would be around 160 bytes per translation (in DRAM).
I can't think of any real drawbacks to the situation that you describe. Here are a few links that may help in configuring NAT:
http://www.cisco.com/warp/customer/556/nat-cisco.shtml
http://www.cisco.com/warp/customer/556/12.html
best regards
steve
11-07-2001 04:18 AM
Thanks for your comments, Steve. Are there any limits on the port number other than what you designate? I'm assuming I will have to enable fast-switching.
11-08-2001 12:09 AM
Hi Doug,
If I understand your question correctly, the port numbers (inside local hosts' source ports) are usually assigned by the source device's TCP/IP stack automatically from a 16-bit address range. Outgoing (source) port numbers would typically be something above 1023 and below 65536. The NAT translation (transparently) uses the unique source IP addr/port pair to differentiate between hosts mapped to the single inside global IP address when PAT/overloading is configured.
There is no hard requirement to enable fast-switching for NAT operation, but it is generally recommended, for performance and CPU load reasons, to enable the fastest supported switching mode per interface (CEF, fast-switching, etc.). There may be some corner cases involving low-speed (<64K) links where this recommendation may be reviewed.
best rgds
steve
11-08-2001 05:11 AM
The only real drawback with PAT vs NAT is that some applications (depending on application and version of IOS) have problems running over it.
If the application embeds port number information into the packet and the IOS doesn't recognize the protocol, the embedded port address won't be translated along with the layer 4 port address (e.g. Exchange email notification datagrams).
You'll have to determine what applications are in use and be sure that your version of the IOS will support them with PAT.
Mick.
11-08-2001 10:20 AM
That's a good point from Mick.
There is some more info on this at:
http://wwwin.cisco.com/cmc/cc/pd/iosw/prodlit/iosnt_qp.htm
As detailed under the question "Q. Does Cisco NAT support all application traffic?"
This issue should also be considered along with plain NAT (as well as PAT).
rgds
steve
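The two behaviours discussed in this thread, modelled as an added example that is not part of any post and is not Cisco's implementation: a PAT table keyed on the inside source IP/port pair, and a payload-embedded port that only works when the translator recognizes the protocol. The `CALLBACK ip:port` message format, the class and function names, and all addresses are assumptions made up for illustration.

```python
import re

class Pat:
    """Toy PAT (NAT overload) table for one inside global address."""
    def __init__(self, global_ip, first_port=1024):
        self.global_ip, self.next_port = global_ip, first_port
        self.out = {}    # (inside local ip, port) -> global port
        self.back = {}   # global port -> (inside local ip, port)

    def map(self, ip, port):
        # Simplification: ports are handed out sequentially; a real
        # translator may try to keep the original source port.
        key = (ip, port)
        if key not in self.out:
            if self.next_port > 65535:
                raise RuntimeError("no free ports on this global address")
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return self.out[key]

    def outbound(self, src_ip, src_port, payload, alg=None):
        gport = self.map(src_ip, src_port)       # layer 4 header rewrite
        if alg:                                  # protocol-aware payload fixup
            payload = alg(self, payload)
        return self.global_ip, gport, payload

    def inbound(self, dst_port):
        return self.back.get(dst_port)           # None: no entry, packet dropped

def callback_alg(pat, payload):
    """Rewrite 'CALLBACK ip:port' (hypothetical protocol) and map the port."""
    def fix(m):
        return f"CALLBACK {pat.global_ip}:{pat.map(m.group(1), int(m.group(2)))}"
    return re.sub(r"CALLBACK (\d+(?:\.\d+){3}):(\d+)", fix, payload)

def demo():
    pat = Pat("203.0.113.1")                     # constructed sample addresses
    msg = "CALLBACK 10.0.0.5:4000"
    a = pat.outbound("10.0.0.5", 3001, "hello")
    b = pat.outbound("10.0.0.6", 3001, "hello")  # same source port, other host
    raw = pat.outbound("10.0.0.5", 3002, msg)    # protocol not recognized
    reply_raw = pat.inbound(4000)                # embedded port has no entry
    fixed = pat.outbound("10.0.0.5", 3002, msg, alg=callback_alg)
    reply_fixed = pat.inbound(int(fixed[2].rsplit(":", 1)[1]))
    return a, b, raw, reply_raw, fixed, reply_fixed

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

When auditing which applications will survive PAT, the `raw` case is the one to look for: the header is translated but the payload still advertises an inside local address and port.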