Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
465
Views
0
Helpful
4
Replies

confused NAT pool statment

Go to solution
Amafsha1
Level 2
Level 2

‎09-14-2018 10:50 AM

Hello, I'm confused about a NAT pool statement in the configs:

 

ip nat pool mypool 10.2.14.15 10.2.14.15 netmask 255.255.255.248

ip nat inside source list 2 pool mypool overload

 

 

What's the point of putting the "netmask" statement when the ip range doesn't move and is just 10.2.14.15 - 10.2.14.15.  So it seems that anyone that is NAT'ed against this pool will only get an IP of 10.2.14.15 with different port numbers because of overload. 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP

‎09-14-2018 11:18 AM

Hello,

 

actually, you have a good point. It used to be that a WAN IP needed to be at least a /30 address, since you would need a corresponding address on the other side. Nowadays a lot of ISPs dish out /32 addresses. You cannot even configure a pool with a /32 netmask, the IOS will throw an error. So for now, the syntax requires the netmask. Not sure if there are plans in the future to 'equip' IOS with a pool host option.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Georg Pauwen
VIP
VIP

‎09-14-2018 11:18 AM

Hello,

 

actually, you have a good point. It used to be that a WAN IP needed to be at least a /30 address, since you would need a corresponding address on the other side. Nowadays a lot of ISPs dish out /32 addresses. You cannot even configure a pool with a /32 netmask, the IOS will throw an error. So for now, the syntax requires the netmask. Not sure if there are plans in the future to 'equip' IOS with a pool host option.

0 Helpful

Go to solution
Amafsha1
Level 2
Level 2
In response to Georg Pauwen

‎09-14-2018 11:21 AM

aaah interesting.  So it seems this an issue with not being able to configure a /32 so they put in the .248 netmask there.  Thank you

 

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to Amafsha1

‎09-14-2018 11:23 AM

Indeed, the syntax requires a netmask. /30 is the smallest you can configure. I don't know why they configured a /29 netmask, it might be that their IP address actually really belongs to that subnet...

0 Helpful

Go to solution
Amafsha1
Level 2
Level 2
In response to Georg Pauwen

‎09-14-2018 11:24 AM

yeah that's a good question.  I'm confused about that as well. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card