I'll try again. I'm not saying you're wrong about the scenario as you
describe it, only that you are making many assumptions here that I'm not yet
willing to read into things. MY REPLIES ARE BELOW:
Respectfully, your incorrect. He has a legal class C, 128.5.1.X, which the
OP stated in his original email.
He stated no such thing. He just used that number as a "for instance" in
his example. If he has all or any significant part of an entire class C, I
would be very surprised based on the relatively small scope of his question
and the equipment we're talking about. If we want to make assumptions based
on his original post, probably those 128-address or "real" addresses are a
/30 on the wan side of the isp router as well as a slightly larger subnet
for his LAN machines, But we *don't know*.
His problem is that he is using 10 net addressing internally and for
whatever reason doesn't want to deal with the ISP changing their router.
He can't be using ten-dot addressing currently because that would mean
that the isp's router is already doing some kind of translation (what I
believe is easy to miss here is that most of the time, the isp router is on
premises and is THE router for the customer LAN)
If one were to implement a NAT pool composed of addresses on the 128.5.1.x
subnet, or just use the routers' own IP address with PAT/NAT overload, this
could be done easily. The ISP router will simply arp for the 128.5.1.x
addresses and send the packets to the customer controlled router. The
customer controlled router performs the de-NAT operation and all is well.
There's no reason to require any changes to the ISP router assuming it is
currently working and connected to the 128.5.1.x subnet. This is a very
common scenario, the ISP router doesn't need to know about the internal
subnets.
That's certainly the common scenario when the customer uses their own
router exclusively on premises. I really don't believe that's the case here.
I think we're talking about a couple of 160Xs trying to co-exist on an
ehternet, one doing the nat for the other. And I'm *pretty sure* that
doesn't work.
The only special requirement about the OP scenario is that he has a router
with only a single ethernet interface. Given that, his request was simplyhow
to implement NAT with only a single physical interface. ..The router
lets you configure a sub-interface, but not apply an IP address and NAT, it
complains about not having ISL or 802.1q configured. (IOS version 12.0.9)
Yup. I appreciate the explanation.
So the bottom line is that it doesn't appear he will be able to implement
his scenario with the 1601, but only because the 1600 series doesn't support
802.1q. In order to have his scenario work he'll need some additional
hardware. My suggestion would be to get a cheap x86 box and implement Linux.
Total cost about $150.
No argument from me, although the isp has no reason not to implement PAT
on their router. It's almost certainly their own allocated IP addresses that
they'd be saving.
Thanks again for the discussion. It's nice to know that with different
routers the scenario could work
:-{)]
Mark A. Morenz, MS Ed, CCNA, CCAI
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15816&t=15460
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
