So I'm configuring CGN as follows (taken from here
ip nat settings mode cgn
ip nat inside source list 1 pool nat-pool overload
ip nat pool nat-pool 10.1.1.1 10.1.254.254 netmask 255.255.0.0
access-list 1 permit 172.16.0.0 255.255.0.0
interface gigabitethernet2
ip nat inside
!
interface gigabitethernet1
ip nat outside
!
I'm struggling to understand exactly what this means. Does it mean that if a packet comes in on Gi2 within source in the 172.16.0.0/16 scope, source translate the address of the packet - as it leaves Gi1 - to a free address in the 10.1.0.0/16 range using PAT as needed?
But why is the nat pool 10.1.1.1 10.1.254.254 and not something like 10.1.0.0 10.1.255.254?
And what does the netmask do? The packet itself doesn't hold netmask information. That's control plane level. Is this related to how the NAT'd range is intended to be advertised? (similar to NAT64 operation)
Confusing me further is the option of netmask AND prefix:
CE4(config)# ip nat pool nat-pool 10.1.1.1 10.1.254.254 ?
netmask Specify the network mask
prefix-length Specify the prefix length
CE4(config)# ip nat pool nat-pool 10.1.1.1 10.1.254.254
Can anyone please help explain this - or maybe link me to some documentation that would help ?