At 11:21 PM +0000 1/4/03, The Long and Winding Road wrote:
>""Brian"" wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>> pix is a nat box, curious why youre doing that on the router??
>> double nat can work, havent heard of it with this combo though.
>
>
>in general, there is no reason that double nat will NOT work. I have a
>customer network or two doing just that. I'm not familiar with the 675, and
>you are correct - I would want to know more about the configurations as
>well. Maybe an issue doing double PAT? as opposed to true double NAT or NAT
>to PAT ( which is the case with my customers )
As Chuck points out, terminology often needs to be very precise in
describing what kind of NAT you are doing, without even getting into
higher-layer proxies and the like. Various NAT WG RFCs discuss
taxonomies. Here's one taxonomy from Chapter 5 of my WAN Survival
Guide (hopefully I can get the formatting halfway reasonable):
three address spaces, Inside (I), DMZ (D) and Outside (O). The DMZ
is not always present. The Outside space is further divided into
Outside Local (OL) and Outside Remote (OR) for certain architectures.
OL is the usual case, where the outside address space is under the
control of the administrator of the local NAT device. This address
space may or may not be registered and globally routable, but it is
unique among the outsides of all NAT devices that use it. The
special case is part of Realm Specific IP, where the local and
remote NAT devices negotiate an address space to use.
An address mapping I->O means that an inside address i maps to an
outside address o. n(I) is the number of inside addresses and n(O)
is the number of outside addresses
Table 5-4: Mappings between Logical and Transmission Levels
NAT Type Translations Inside sends to Other
Basic NAT I->O Default gateway [1] n(I) = n(O)
Basic NATP I(p)->O(p) Default gateway [1] n(I) > n(O)
Bidirectional I->O Default gateway [1] n(I) = (O)
Twice I->O
O->I Default gateway [1] n(I) = n(O)
DNS ALG needed
Double I->D
D->O Default gateway [1]
Multihomed Any Default gateway [1] Must retain state among all
NAT devices, or use
static translations
Realm-Specific I-> OR if client Default gateway [1]
Load-Sharing O->I Inside sends to default route, preferably of
virtual server
Load-Sharing with Port translation O(p)->I(p) Inside sends
to default route, preferably of virtual server
[1] If hosts are routing-aware, they can send to a router with a
more-specific route than the default.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=60318&t=60318
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
