cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco announces new innovations in SD-WAN, ISRs, SD-WAN Services, and Catalyst 9000 Series switches


153
Views
0
Helpful
4
Replies
Beginner

confused NAT pool statment

Hello, I'm confused about a NAT pool statement in the configs:

 

ip nat pool mypool 10.2.14.15 10.2.14.15 netmask 255.255.255.248

ip nat inside source list 2 pool mypool overload

 

 

What's the point of putting the "netmask" statement when the ip range doesn't move and is just 10.2.14.15 - 10.2.14.15.  So it seems that anyone that is NAT'ed against this pool will only get an IP of 10.2.14.15 with different port numbers because of overload. 

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Advisor

Re: confused NAT pool statment

Hello,

 

actually, you have a good point. It used to be that a WAN IP needed to be at least a /30 address, since you would need a corresponding address on the other side. Nowadays a lot of ISPs dish out /32 addresses. You cannot even configure a pool with a /32 netmask, the IOS will throw an error. So for now, the syntax requires the netmask. Not sure if there are plans in the future to 'equip' IOS with a pool host option.

4 REPLIES
VIP Advisor

Re: confused NAT pool statment

Hello,

 

actually, you have a good point. It used to be that a WAN IP needed to be at least a /30 address, since you would need a corresponding address on the other side. Nowadays a lot of ISPs dish out /32 addresses. You cannot even configure a pool with a /32 netmask, the IOS will throw an error. So for now, the syntax requires the netmask. Not sure if there are plans in the future to 'equip' IOS with a pool host option.

Beginner

Re: confused NAT pool statment

aaah interesting.  So it seems this an issue with not being able to configure a /32 so they put in the .248 netmask there.  Thank you

 

VIP Advisor

Re: confused NAT pool statment

Indeed, the syntax requires a netmask. /30 is the smallest you can configure. I don't know why they configured a /29 netmask, it might be that their IP address actually really belongs to that subnet...

Highlighted
Beginner

Re: confused NAT pool statment

yeah that's a good question.  I'm confused about that as well. 

CreatePlease to create content
Webcast-ISE Deployment and Best Practices