Regarding private and public ip address - Page 2

arpitdesai12 · ‎07-14-2012

Okay...I am new to cisco, just preparing for my CCNA exam. I had doubt regarding public IP addressing scheme and private IP addressing scheme.

Not actually doubt but i wanted to make sure my understanding regarding it..here's what i picture about it...

ok...so when when i have my router's one interface having public IP nd all other interface private IP address. so whenever my data with packet as source address of private IP reaches to public IP...does router converts it to Public ip and sends it out...without my NAT on....because whenever i ping to my Public ip's another interface connected to another router...i recieve request timed out not destination host unreachable

arpitdesai12 · ‎07-15-2012

Hey !!!

thanx a lot for ur efforts....i just removed NAT cumpltly....all pool....modified interfaces everything

and poof nw i m able to ping widout any NAT....i think i just made diz complex...thing was pretty simple....but i m just newbie to Networking world and really amazed to see diz forum...u guys are awesome....so much to learn here...really thnx a lot....and yah i m going for first step to enter cisco...dat is goin to takin CCNA 604-802 composite exam...ive read Todd lammle's study guide for once...nw what should i do further

Jan Hrnko · ‎07-15-2012

Arpit,

you're welcome and don't hesitate if you have some more questions!

Good luck with the exam!

Cheers!!!

Best regards,

Jan

arpitdesai12 · ‎07-15-2012

Yeah i forgot to ask u in the same network der is one more thing i didnt understood ive enabled Ospf in all routers yet I m not getting cumplete table in last router R5....i think there is some problem with process no. or i dnt knw...just check nd let me knw

Jan Hrnko · ‎07-15-2012

Hi Arpit,

the problem is that you have configured more OSPF processes on just one interface.

Here is an explanation, why it is not possible - from Peter Paluch :

In OSPF for IPv4, an interface can be a part of a single OSPF process  only. The OSPF packets do not have any identification into which process  they belong, and if an interface was active in several OSPF processes,  the OSPF packets sent out that interface could not be properly  distinguished and sorted among process instances.

As I have seen, your routers will form adjacency for process 2 (there is also process 1 running on both devices, but not exchanging routing information), but I just can't tell you right now what would happen between two real devices configured this way. Maybe if you give me some extra time, like half an hour I will could do some tests.

It just seems that R5 will not receive any other networks than one that is configured by network 10.1.0.0 0.0.255.255 area 0 command for process 2. As it is directly connected network and has lower administrative distance, the update from R3 is ignored. That's why it seems that OPSF is not working. But if you issue the show ip ospf neighbors command you will see that neighborship is established.

For now - just remove the OSPF process number 2 from R3 and also R5. It will work fine.

R3(config)#no router ospf 2
R5(config)#no router ospf 2

Try to save it, close and then open. Packet tracer likes to NOT work properly...

Best regards,

Jan

Jan Hrnko · ‎07-15-2012

Arpit,

one more update regarding more OSPF processes. Peter Paluch has just recently confirmed to me that one interface can be just in one OSPF process. You can verify this when you issue command

show ip ospf 1 interface brief

show ip ospf 2 interface brief

The other thing is that two processes with different numbers running on one router does not share information between themselves. Their link-state databases (LSDB) are separated.

That's why you haven't seen networks learned via OSPF process 1. Because interface between R3 and R5 was in OPSF process 2 with completely different database where only network 10.11.1.0 /24 resides and since this network is directly connected (and has better AD) the one displayed in the routing table is showed as C not O.

Best regards,

Jan

Jan Hrnko · ‎07-14-2012

Hi Arpit,

I believe that your problem can be in something else.

 whenever i ping to my Public ip's another interface connected to  another router...i recieve request timed out not destination host  unreachable

Can you try executing command sh ip route x.x.x.x on the other router (one with the public address that you are pinging) where x.x.x.x is the source private ip address? Maybe it just hasn't got route back to source! If it has blank output then problem is in routing, not in NAT at all!

when i dnt do NAT can my Private IP go out of public IP interface

I believe it is possible simply just because when basic routing occurs you just need the destination address to make routing decision. But it is not reccomended, you can imagine why.

Best regards,

Jan

arpitdesai12 · ‎07-14-2012

No actually i cnt ping before NAT is on...when I do NAT then i do get reply to my ping...my simple question is when I dnt do NAT then how does router with public IP interface behave with private IP packet

Jan Hrnko · ‎07-14-2012

Hi Arpit,

my simple question is when I dnt do NAT then how does router with public IP interface behave with private IP packet

just like I have said before! - Normal basic routing occurs.

I believe you don't have response from the other router just because of missing ip route leading back to the source.

But as Soroush has suggested - in real life, the ISP could drop such traffic, because he doesn't want your private IP addresses in his routing table.

Best regards,

Jan