Switch Redirect for IP NAT

NikoMax
Level 1

Hi everyone, I am pretty new in the network domain after my CCNA.

So, my issue is that I do not understand the following process: the topology is sw1, sw2 and a router, interconnected with trunks. A packet comes in on port 1 of Sw1 and needs to be NATed. That is why the packet is forwarded to the router (there are NAT ROLES) and then back to sw1 and out from port 1/2. I see the config, but I do not understand how it works in depth. Thanks all.

Giuseppe Larosa
Hall of Fame

Hello @NikoMax ,

NAT has been an almost exclusive feature of routers and firewalls (the first case was the Cat6500 with Sup720 for NAT support).

Traffic from switch 1 is sent to the router over a specific port and VLAN; this may map to a subinterface on the router.

The NAT action is triggered when traffic entering an L3 interface or subinterface with ip nat inside configured has to go out another L3 interface or subinterface with ip nat outside.

When this happens, the router performs a translation (usually of the IP source only) of the IP source, either to an address taken from a NAT pool or by using PAT, aka NAT overload, and in this last case using the IP address of the outgoing interface as the new source IP address.

The translated traffic is destination-based routed by the router and it may come back to the same Switch1 but on a different VLAN and/or port (again associated with a different VLAN, or to the same port if that port is an L2 trunk on the switch side and the router has multiple VLAN-based subinterfaces; this is called router on a stick, to perform inter-VLAN routing).

This should help you understand the flow of traffic in your network.

To be noted: the router keeps track of the translation sessions that it is performing, and it is able and it has to perform un-NAT on return traffic, translating the destination address (the so-called Outside Global) to the private IP address (Inside) that triggered the NAT session. So two-way communication via a NAT-performing device is possible.

You can use

show ip nat translation

on the router to check NAT activity.

Other useful commands can be

show ip nat statistics.

Hope to help

Giuseppe
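
The flow described in the reply above, as an added example that is not part of the original post and is not Cisco code: a simplified Python model of PAT on a router on a stick, showing the source rewrite on the inside to outside path, the translation entry it creates, and the un-NAT of return traffic. The class and method names, the VLAN numbers, the addresses and the port-allocation rule are all assumptions made for illustration.

```python
# Added illustration, not Cisco code: simplified PAT on a router-on-a-stick.
from dataclasses import dataclass, replace
from typing import Optional

@dataclass(frozen=True)
class Packet:
    vlan: int   # 802.1Q tag on the trunk, selects the router subinterface
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

class PatRouter:
    def __init__(self, inside_vlan: int, outside_vlan: int, outside_ip: str):
        self.inside_vlan = inside_vlan    # subinterface with "ip nat inside"
        self.outside_vlan = outside_vlan  # subinterface with "ip nat outside"
        self.outside_ip = outside_ip      # overload uses this interface address
        self.out_map = {}  # (proto, inside local ip, port) -> translated port
        self.in_map = {}   # (proto, translated port) -> (inside local ip, port)

    def _alloc_port(self, proto: str, wanted: int) -> int:
        # Assumption: keep the original source port unless another session holds it.
        port = wanted
        while (proto, port) in self.in_map:
            port = port + 1 if port < 65535 else 1024
        return port

    def forward(self, pkt: Packet) -> Optional[Packet]:
        if pkt.vlan == self.inside_vlan:  # inside -> outside: rewrite the source
            key = (pkt.proto, pkt.src, pkt.sport)
            if key not in self.out_map:
                port = self._alloc_port(pkt.proto, pkt.sport)
                self.out_map[key] = port
                self.in_map[(pkt.proto, port)] = (pkt.src, pkt.sport)
            return replace(pkt, vlan=self.outside_vlan, src=self.outside_ip,
                           sport=self.out_map[key])
        if pkt.vlan == self.outside_vlan and pkt.dst == self.outside_ip:
            entry = self.in_map.get((pkt.proto, pkt.dport))
            if entry is None:
                return None  # no translation entry: nothing is forwarded inside
            # return traffic: un-NAT the destination back to the inside host
            return replace(pkt, vlan=self.inside_vlan, dst=entry[0], dport=entry[1])
        return None  # traffic this model does not translate

    def translations(self):
        # rows of (proto, translated addr:port, inside local addr:port)
        return [(p, f"{self.outside_ip}:{g}", f"{ip}:{lp}")
                for (p, g), (ip, lp) in sorted(self.in_map.items())]
```

Calling forward() with a Packet tagged with the inside VLAN returns the translated packet on the outside VLAN, and translations() lists the sessions the model is tracking, for comparison with what the show commands mentioned in the reply display on a real router.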