Router#debug ip nat
IP NAT debugging is on
Router#
NAT: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [35]
NAT*: s=193.1.1.11, d=194.1.1.1->192.168.1.2 [81]
NAT: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [36]
NAT*: s=193.1.1.11, d=194.1.1.1->192.168.1.2 [82]
NAT*: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [37]
NAT*: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [38]
NAT*: s=193.1.1.11, d=194.1.1.1->192.168.1.2 [83]
NAT*: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [39]
NAT*: s=193.1.1.11, d=194.1.1.1->192.168.1.2 [84]
NAT*: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [40]
Accessing a web link from a PC.DNS server is on the
same http server.PC and Http/DNS server are on different
subnets.Packet Tracer used.
From the debug output above on the client side Router.
NAT: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [35]
NAT*: s=193.1.1.11, d=194.1.1.1->192.168.1.2 [81]
s = 192.168.1.2 is the source PC.
-> 194.1.1.1 is the PAT IP , Source IP will be translated to.
d = 193.1.1.1 is the destination DNS/http server.
Router#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
udp 194.1.1.1:1027 192.168.1.2:1027 193.1.1.11:53 193.1.1.11:53
tcp 194.1.1.1:1027 192.168.1.2:1027 193.1.1.11:80 193.1.1.11:80
above udp with port number 53 DNS
TCP port 80 http
Router#sh ip nat statistics
Total translations: 2 (0 static, 2 dynamic, 2 extended)
Outside Interfaces: GigabitEthernet0/0
Inside Interfaces: GigabitEthernet0/1
Hits: 53 Misses: 13
Expired translations: 0
Dynamic mappings:
-- Inside Source
access-list 1 pool jedi refCount 2
pool jedi: netmask 255.255.255.0
start 194.1.1.1 end 194.1.1.1
type generic, total addresses 1 , allocated 1 (100%), misses 0
Total translations are 2 , one for DNS and other for Http.
Total addresses is 1 as PAT is using only one IP in this case.
Expired translations show up with icmp as they do not last
in the translation table.
IP NAT debugging is on
Router#
NAT: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [35]
NAT*: s=193.1.1.11, d=194.1.1.1->192.168.1.2 [81]
NAT: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [36]
NAT*: s=193.1.1.11, d=194.1.1.1->192.168.1.2 [82]
NAT*: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [37]
NAT*: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [38]
NAT*: s=193.1.1.11, d=194.1.1.1->192.168.1.2 [83]
NAT*: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [39]
NAT*: s=193.1.1.11, d=194.1.1.1->192.168.1.2 [84]
NAT*: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [40]
Accessing a web link from a PC.DNS server is on the
same http server.PC and Http/DNS server are on different
subnets.Packet Tracer used.
From the debug output above on the client side Router.
NAT: s=192.168.1.2->194.1.1.1, d=193.1.1.11 [35]
NAT*: s=193.1.1.11, d=194.1.1.1->192.168.1.2 [81]
s = 192.168.1.2 is the source PC.
-> 194.1.1.1 is the PAT IP , Source IP will be translated to.
d = 193.1.1.1 is the destination DNS/http server.
Router#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
udp 194.1.1.1:1027 192.168.1.2:1027 193.1.1.11:53 193.1.1.11:53
tcp 194.1.1.1:1027 192.168.1.2:1027 193.1.1.11:80 193.1.1.11:80
above udp with port number 53 DNS
TCP port 80 http
Router#sh ip nat statistics
Total translations: 2 (0 static, 2 dynamic, 2 extended)
Outside Interfaces: GigabitEthernet0/0
Inside Interfaces: GigabitEthernet0/1
Hits: 53 Misses: 13
Expired translations: 0
Dynamic mappings:
-- Inside Source
access-list 1 pool jedi refCount 2
pool jedi: netmask 255.255.255.0
start 194.1.1.1 end 194.1.1.1
type generic, total addresses 1 , allocated 1 (100%), misses 0
Total translations are 2 , one for DNS and other for Http.
Total addresses is 1 as PAT is using only one IP in this case.
Expired translations show up with icmp as they do not last
in the translation table.
No comments:
Post a Comment