网络地址翻译 Network Address Translation I厦 Cisco.com 深圳职业技术学院计算机系网络专业 06,ShenzhenPolytechnic.All
© 2006, Shenzhen Polytechnic. All rights reserved. 1 网络地址翻译 Network Address Translation 深圳职业技术学院计算机系网络专业
教学目标(Objectives) Cisco.com 1.私有地址(Private Addressing) 2.NAT操作(NAT Operation) 3.NAT分类(NAT Class) 4.配置NAT(Configuring NAT) 5.NAT排错 (Troubleshooting NAT Configuration) 2006,Shenzhen Polytechnic.All rights reserved
© 2006, Shenzhen Polytechnic. All rights reserved. 2 教学目标( Objectives ) 1.私有地址(Private Addressing ) 2. NAT操作(NAT Operation) 3. NAT分类(NAT Class) 4. 配置NAT (Configuring NAT) 5. NAT排错 (Troubleshooting NAT Configuration)
IP Address Class and Range WWIW Cisco.com Class A: 1-126 Class B: 128-191 Class C: 192-223 127 is lost,why? 2006,Shenzhen Polytechnic.All rights reserved
© 2006, Shenzhen Polytechnic. All rights reserved. 3 IP Address Class and Range Class A: Class B: Class C: 1-126 128-191 192-223 127 is lost, why?
公网地址和私有地址 Public Address and Private Address) wwcmm Cisco.com 1.公网地址必须被注册 Public Internet addresses must be registered by a company with an Internet authority. 2.私有地址被保留,并可以被任何人使用 Private IP addresses are reserved and can be used by anyone
© 2006, Shenzhen Polytechnic. All rights reserved. 4 公网地址和私有地址 ( Public Address and Private Address) 1. 公网地址必须被注册 Public Internet addresses must be registered by a company with an Internet authority. 2. 私有地址被保留,并可以被任何人使用 Private IP addresses are reserved and can be used by anyone
私有地址范围(Private Address Range) Cisco.com Class RFC 1918 Internal Address Range CIDR Prefix 10.0.0.0-10.255.255.255 10.0.0.0/8 B 172.16.0.0-172.31.255.255 172.16.0.0/12 A c 192.168.0.0-192.168.255.255 192.168.0.0/16 2006,Shenzhen Polytechnic.All rights reserved
© 2006, Shenzhen Polytechnic. All rights reserved. 5 私有地址范围(Private Address Range)
深职院二期网络核心拓扑图 A夏 Cisco.com Internet- 一上期已铺光纤 Catalyst 2948G 一本期待铺光纤 165 Cernet 163 图书馆 Cisco 7206 信息大楼 Backbone Channel Catalyst 6509 Catalyst 5509 →HSRP 行政大楼 ■Catalyst354 Channel Channel LoadBalance Catalyst 4006 Catalyst 2948G Catalyst 3548GCatalyst 2948G 工业中心 教学楼 2006.Shenzhon Polytechnic.Allrights reserved
© 2006, Shenzhen Polytechnic. All rights reserved. 6 Catalyst 4006 Catalyst 6509 教学楼 工业中心 信息大楼 行政大楼 图书馆 Catalyst 6509 Catalyst 2948G Catalyst 2948G Catalyst 3548G Catalyst 2948G Catalyst 3548 Cisco 7206 Internet 163 165 Cernet Channel LoadBalance 上期已铺光纤 本期待铺光纤 Channel 深职院二期网络核心拓扑图 HSRP
NAT操作(NAT Operation) wwmm Cisco.com T
© 2006, Shenzhen Polytechnic. All rights reserved. 7 NAT操作(NAT Operation)
NAT操作(NAT Operation) Cisco.com 。 1.NAT典型工作存根网络的边缘 。 A NAT enabled device typically operates at the border of a stub network. ● 2.边界路由器执行NAT功能,将内部私有地 址转换成公网可路由的地址。 The border gateway router performs the NAT process,translating the internal private address of a host to a public, external routable address. 006,ShenzhenPolytechnic.Allrights reserved
© 2006, Shenzhen Polytechnic. All rights reserved. 8 • 1. NAT典型工作存根网络的边缘 • A NAT enabled device typically operates at the border of a stub network. • 2. 边界路由器执行NAT功能,将内部私有地 址转换成公网可路由的地址。 • The border gateway router performs the NAT process, translating the internal private address of a host to a public, external routable address. NAT操作(NAT Operation)
NAT术语(NAT Terms) Cisco.com 1.Inside local address-指定给内部主机使用的地址 The IP address assigned to a host on the inside network. 2.Inside global address-从SP或NIC注册的地址,即内部主 机地址被NAT转换的外部地址 A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world. 3.Address Poo-NIC或SP分配使用的多个地址 IP addresses assigned by the NIC or service provider
© 2006, Shenzhen Polytechnic. All rights reserved. 9 1. Inside local address – 指定给内部主机使用的地址 The IP address assigned to a host on the inside network. 2. Inside global address – 从SP或NIC注册的地址,即内部主 机地址被NAT转换的外部地址 A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world. 3. Address Pool-NIC或SP分配使用的多个地址 IP addresses assigned by the NIC or service provider NAT术语(NAT Terms)
NAT分类(NAT Class) wwm Cisco.com 1.静态NAT 静态NAT的特征是内部主机地址被一对一映射到外 部主机地址 Static NAT is designed to allow one-to-one mapping of local and global addresses. Pc1:10.1.1.1--->200.200.200.1 Pc2:10.1.1.2--->200.200.200.2 Pc3:10.1.1.3----> 200.200.200.2? X Pc4:10.1.1.4-- ->
© 2006, Shenzhen Polytechnic. All rights reserved. 10 1.静态NAT 静态NAT的特征是内部主机地址被一对一映射到外 部主机地址 Static NAT is designed to allow one-to-one mapping of local and global addresses. NAT分类(NAT Class) Pc1:10.1.1.1---------->200.200.200.1 Pc2:10.1.1.2---------->200.200.200.2 Pc3:10.1.1.3----------> Pc4:10.1.1.4----------> 200.200.200.2? X