09-14-2018 10:50 AM
Hello, I'm confused about a NAT pool statement in the configs:
ip nat pool mypool 10.2.14.15 10.2.14.15 netmask 255.255.255.248
ip nat inside source list 2 pool mypool overload
What's the point of putting the "netmask" statement when the ip range doesn't move and is just 10.2.14.15 - 10.2.14.15. So it seems that anyone that is NAT'ed against this pool will only get an IP of 10.2.14.15 with different port numbers because of overload.
Solved! Go to Solution.
09-14-2018 11:18 AM
Hello,
actually, you have a good point. It used to be that a WAN IP needed to be at least a /30 address, since you would need a corresponding address on the other side. Nowadays a lot of ISPs dish out /32 addresses. You cannot even configure a pool with a /32 netmask, the IOS will throw an error. So for now, the syntax requires the netmask. Not sure if there are plans in the future to 'equip' IOS with a pool host option.
09-14-2018 11:18 AM
Hello,
actually, you have a good point. It used to be that a WAN IP needed to be at least a /30 address, since you would need a corresponding address on the other side. Nowadays a lot of ISPs dish out /32 addresses. You cannot even configure a pool with a /32 netmask, the IOS will throw an error. So for now, the syntax requires the netmask. Not sure if there are plans in the future to 'equip' IOS with a pool host option.
09-14-2018 11:21 AM
aaah interesting. So it seems this an issue with not being able to configure a /32 so they put in the .248 netmask there. Thank you
09-14-2018 11:23 AM
Indeed, the syntax requires a netmask. /30 is the smallest you can configure. I don't know why they configured a /29 netmask, it might be that their IP address actually really belongs to that subnet...
09-14-2018 11:24 AM
yeah that's a good question. I'm confused about that as well.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide