| HI Brandon, Kings,
If I remember correctly, if you do not specify overload, the first ip that is matched from the access-list is natted to the external address, leaving the other potential devices being unable to access the network. When the nat-timeout occurs, the global ip address becomes available again. It is comparible with the global pool for nat, but then with just one ip-address.
E.g. nat is being applied. When using the overload keyword, pat is being used.
You can compare it with the global command on the pix / asa. If you specify global (outside) 1 ip1-ip2 than the first two devices accessing the network are being translated, the third one basically has bad luck until one of the first nat entries time out. Thats why I (almost) always configure a global (outside) 1 ip3 as well, so that PAT is occuring as well.
Just a tip, if you don't know it yet.
If you do a command like "ip nat inside source 123 int dialer1 overload" remember to also put a "ip nat inside source static tcp <internalipofrouter> 22 int dialer1 22 extendable" in it as well. Otherwise you won't be able to remotely login to your DSL router/modem, as the dynamic nat would take presedence.
I think it could even a troubleshouting item in the lab as well..
HTH PIeter-Jan
On 7 apr 2010, at 18:37, Brandon Carroll wrote: Kings,
I believe the IOS automatically overloads now if you don't specify. Older IOS you had to use the overload command.
Regards,
Brandon Carroll - CCIE #23837 Senior Technical Instructor - IPexpert Telephone: +1.810.326.1444 eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com
On Apr 7, 2010, at 9:11 AM, Kingsley Charles wrote: Hi Brandon
IOS accepts the following command without "overload" keyword. Isn't the following PAT?
ip nat source list 123 interface g0/0
With regards
Kings
On Wed, Apr 7, 2010 at 9:38 PM, Brandon Carroll <[email protected]> wrote:
Overload takes you from using NAT to using PAT.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: [email protected]
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com
On Apr 7, 2010, at 9:06 AM, Kingsley Charles wrote:
> Hi all
>
> When we configure as following, all addresses matching 123 will be translated to g0/0 and that is PAT. Port numbers are used to distinguish each hosts.
>
> ip nat source list 123 interface g0/0
>
>
> What does overload do?
>
>
> router1(config)#ip nat source list 123 interface g0/0 ?
> overload Overload an address translation
> vrf Specify vrf
> <cr>
>
> router1(config)#ip nat source list 123 pool addr ?
> overload Overload an address translation
> vrf Specify vrf
> <cr>
>
>
> With regards
> Kigs
>
> _______________________________________________
> For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
 Think before you print.
|
