06-05-2015 05:22 AM - edited 03-05-2019 01:37 AM
hi guys,
I'm learning from CISCO materials and wondering about this statement. "Organizations can lease public addresses from an SP, but only the registered holder of a public Internet address can assign that address to a network device".
Router R1 connects me to the Internet. It has 2 interfaces configured as shown below. So there is one interface with a Public IP Address (209.165.128.130). Now the task is to configure static NAT for the Web Server (Server1). Its Private IP address is 172.16.16.1 and Public IP is 64.100.50.1. I create a static route on R1 to translate the Inside Local 172.16.16.1 to Inside Global Address 64.100.50.1 (I guess in the real world the second Public IP 64.100.50.1 is also provided by the ISP). What I don't understand is how the outside PC (like PC1 / L1) can get to that web server. From what I understand there is a DNS Server holding a record for the web server referring to the Public Address 64.100.50.1, but this address is not actually assigned to any of the interfaces... The packets will arrive at the R1 Serial 0/0/0 interface, but how will they get to it?
Thank you for any help on this!
Kind regards
Adam
06-05-2015 08:46 AM
Adam
Firstly, when you say you configure a static route I presume you mean static NAT translation?
Assuming you do, the ISP will advertise the public IP to the internet so it is routed to the ISP.
The ISP then has a route for that IP address pointing to the outside interface IP of your router and so sends the packets to your router, which then changes the IP to the inside IP address, i.e. the real IP of the web server.
Note that in your case the public IP of the web server is from a different IP subnet than the outside interface IP of your router.
A common case is where the IP used is from the same IP subnet as the outside interface IP but not the same IP. In this case the ISP does not have a route on its router because the IP is in the same IP subnet.
So the ISP router sends an ARP for the public IP and because your router has a NAT statement for that IP (even though it is not assigned to any interface) it will respond with the MAC address of its outside interface so that packets will be sent to it.
This is called proxy ARP and is commonly used in this type of scenario.
Jon
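Added example (not part of the original posts): a small Python model of the two delivery paths described in the reply above, an ISP static route versus ARP answered by the customer router on behalf of a NAT address. The addresses 172.16.16.1, 64.100.50.1 and 209.165.128.130 come from the thread; the /29 mask, the ISP-side address 209.165.128.129, the on-link global 209.165.128.131 and all function names are assumptions made for illustration.

```python
import ipaddress as ip

# Thread values: 172.16.16.1, 64.100.50.1, 209.165.128.130.
# Assumed for this example: the /29 mask and the ISP-side address .129.
INSIDE_LOCAL = ip.ip_address("172.16.16.1")
R1_OUTSIDE = ip.ip_interface("209.165.128.130/29")
ISP_LINK = ip.ip_interface("209.165.128.129/29")

def isp_next_step(dest, isp_link, isp_routes):
    """ISP router's decision: ARP for an on-link address, else longest-prefix route."""
    if dest in isp_link.network:
        return "arp", dest
    hits = [(net, hop) for net, hop in isp_routes.items() if dest in net]
    if not hits:
        return "drop", None
    return "route", max(hits, key=lambda h: h[0].prefixlen)[1]

def r1_answers_arp(target, outside, nat):
    """R1 replies for its own address and for inside-global NAT entries on that subnet."""
    return target == outside.ip or (target in nat and target in outside.network)

def deliver(dest, isp_routes, nat, isp_link=ISP_LINK, outside=R1_OUTSIDE):
    """Return (how the packet reached R1, inside-local address), or None if the
    packet never reaches the server."""
    dest = ip.ip_address(dest)
    how, target = isp_next_step(dest, isp_link, isp_routes)
    if how == "drop":
        return None                      # ISP has no path to the address
    if how == "route" and target != outside.ip:
        return None                      # routed somewhere other than R1
    if how == "arp" and not r1_answers_arp(target, outside, nat):
        return None                      # nobody answers the ARP request
    inside = nat.get(dest)               # static NAT: inside global -> inside local
    return (how, inside) if inside else None

if __name__ == "__main__":
    # Case from the thread: global address outside the link subnet, ISP route needed.
    nat_thread = {ip.ip_address("64.100.50.1"): INSIDE_LOCAL}
    isp_routes = {ip.ip_network("64.100.50.1/32"): R1_OUTSIDE.ip}
    print(deliver("64.100.50.1", isp_routes, nat_thread))
    print(deliver("64.100.50.1", {}, nat_thread))        # no ISP route: dropped
    # Common case: global address on the link subnet (constructed), proxy ARP.
    nat_onlink = {ip.ip_address("209.165.128.131"): INSIDE_LOCAL}
    print(deliver("209.165.128.131", {}, nat_onlink))
```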
06-05-2015 02:21 PM
Jon,
Yes, I was referring to static NAT, thank you for correcting me.
"The ISP then has a route for that IP address pointing to the outside interface IP of your router and so sends the packets to your router which then changes the IP to the inside IP address "
You mean a route for the 64.100.50.1 address pointing to 209.165.128.130? This information is located on the ISP's router, correct?
"So the ISP router sends an ARP for the public IP and because your router has a NAT statement for that IP (even though it is not assigned to any interface) it will respond with the MAC address of its outside interface so that packets will be sent to it."
What exactly do you mean when referring to the ISP router? I mean, at home I'm connected via a router/modem provided by UPC. How is this configured for business needs? Let's say I have a business contract with UPC and they provide me with 3 Public IP addresses. I'm running a Small Business (10 people); would they still give me their modem? Or can I go ahead with, for example, a CISCO router that I will use instead of their device? How is this configured in real life?
Thank you and have a great day!
Adam