Advanced IP Routing in Cisco Networks
Figures for Chapter 7 - Network Address Translation
Figure 7-1
Figure 7-2
Figure 7-3
1 !
2 hostname Tokyo
3 !
4 no ip domain-lookup
5 !
6 interface Ethernet0
7 ip address 131.108.2.1 255.255.255.0
8 !
9 interface Serial0
10 ip address 131.108.3.1 255.255.255.0
11 bandwidth 125
12 !
13 router rip
14 network 131.108.0.0
15 !
16 ip classless
17 !
18 !
19 line con 0
20 exec-timeout 0 0
21 length 0
22line vty 0 4
23 password cisco
24 login
25 !
26 end
Figure 7-4
1 Tokyo#debug ip rip
2 RIP protocol debugging is on
3 Tokyo#
4 RIP: sending v1 update to 255.255.255.255 via Ethernet0 (131.108.2.1)
5 subnet 131.108.3.0, metric 1
6 network 200.200.200.0, metric 2
7 RIP: sending v1 update to 255.255.255.255 via Serial0 (131.108.3.1)
8 subnet 131.108.2.0, metric 1
9 RIP: received v1 update from 131.108.3.2 on Serial0
10 network 200.200.200.0, metric 1
Figure 7-5
1 Tokyo#sho ip protocol
2 Routing Protocol is "rip"
3 Sending updates every 30 seconds, next due in 12 seconds
4 Invalid after 180 seconds, hold down 180, flushed after 240
5 Outgoing update filter list for all interfaces is not set
6 Incoming update filter list for all interfaces is not set
7 Redistributing: rip
8 Default version control: send version 1, receive any version
9 Interface Send Recv Key-chain
10 Ethernet0 1 1 2
11 Serial0 1 1 2
12 Routing for Networks:
13 131.108.0.0
14 Routing Information Sources:
15 Gateway Distance Last Update
16 131.108.3.2 120 00:00:22
17 Distance: (default is 120)
Figure 7-6
1 Tokyo#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is not set
10
11 R 200.200.200.0/24 [120/1] via 131.108.3.2, 00:00:26, Serial0
12 131.108.0.0/24 is subnetted, 2 subnets
13 C 131.108.3.0 is directly connected, Serial0
14 C 131.108.2.0 is directly connected, Ethernet0
Figure 7-7
1 !
2 hostname NewYork
3 !
4 ip nat pool good-pool 200.200.200.2 200.200.200.254 netmask 255.255.255.0
5 ip nat inside source list 1 pool good-pool
6 no ip domain-lookup
7 !
8 interface Loopback0
9 ip address 200.200.200.1 255.255.255.0
10 !
11 interface Serial0
12 ip address 10.0.2.1 255.255.255.0
13 ip nat inside
14 bandwidth 125
15 !
16 interface Serial1
17 ip address 131.108.3.2 255.255.255.0
18 ip nat outside
19 bandwidth 125
20 clockrate 125000
21 !
22 router rip
23 network 10.0.0.0
24 network 131.108.0.0
25 network 200.200.200.0
26 distribute-list 2 out Serial0
27 distribute-list 3 out Serial1
28 !
29 ip classless
30 access-list 1 permit 10.0.0.0 0.255.255.255
31 access-list 2 permit 131.108.0.0 0.0.255.255
32 access-list 3 permit 131.108.0.0 0.0.255.255
33 access-list 3 permit 200.200.200.0 0.0.0.255
34 !
35 line con 0
36 exec-timeout 0 0
37 length 0
38 !
39 end
Figure 7-8
1 NewYork#debug ip nat detailed
2 IP NAT detailed debugging is on
3 NewYork#
4 NAT:* i: icmp (10.0.1.1, 0) -> (131.108.2.1, 0) [1806]
5 NAT*: o: icmp (131.108.2.1, 0) -> (131.108.5.1, 0) [1806]
6 NAT*: i: icmp (10.0.1.1, 1) -> (131.108.2.1, 1) [1807]
7 NAT*: o: icmp (131.108.2.1, 1) -> (131.108.5.1, 1) [1807]
8 NAT*: i: icmp (10.0.1.1, 2) -> (131.108.2.1, 2) [1808]
9 NAT*: o: icmp (131.108.2.1, 2) -> (131.108.5.1, 2) [1808]
10 NAT*: i: icmp (10.0.1.1, 3) -> (131.108.2.1, 3) [1809]
11 NAT*: o: icmp (131.108.2.1, 3) -> (131.108.5.1, 3) [1809]
12 NAT*: i: icmp (10.0.1.1, 4) -> (131.108.2.1, 4) [1810]
13 NAT*: o: icmp (131.108.2.1, 4) -> (131.108.5.1, 4) [1810]
Figure 7-9
1 NewYork#sho ip nat translations
2 Pro Inside global Inside local Outside local Outside global
3 --- 200.200.200.2 10.0.2.2 --- ---
4 --- 200.200.200.3 10.0.1.1 --- ---
5
6 NewYork#show ip nat statistics
7 Total active translations: 2 (0 static, 2 dynamic; 0 extended)
8 Outside interfaces: Serial1
9 Inside interfaces: Serial0
10 Hits: 71 Misses: 4
11 Expired translations: 0
12 Dynamic mappings:
13 -- Inside Source
14 access-list 1 pool good-pool refcount 2
15 pool good-pool: netmask 255.255.255.0
16 start 200.200.200.2 end 200.200.200.254
17 type generic, total addresses 253, allocated 2 (0%), misses 0
Figure 7-10
1 NewYork#clear ip nat ?
2 statistics Clear translation statistics
3 translation Clear dynamic translation
4
5 NewYork#clear ip nat translation ?
6 * Delete all dynamic translations
7 inside Inside addresses (and ports)
8 outside Outside addresses (and ports)
9 tcp Transmission Control Protocol
10 udp User Datagram Protocol
11
12 NewYork#clear ip nat translation *
13 NewYork#sho ip nat translation
14 NewYork#sho ip nat stat
15 Total active translations: 0 (0 static, 0 dynamic; 0 extended)
16 Outside interfaces: Serial1
17 Inside interfaces: Serial0
18 Hits: 71 Misses: 4
19 Expired translations: 0
20 Dynamic mappings:
21 -- Inside Source
22 access-list 1 pool good-pool refcount 0
23 pool good-pool: netmask 255.255.255.0
24 start 200.200.200.2 end 200.200.200.254
25 type generic, total addresses 253, allocated 0 (0%), misses 0
Figure 7-11
1 NewYork#sho ip protocol
2 Routing Protocol is "rip"
3 Sending updates every 30 seconds, next due in 4 seconds
4 Invalid after 180 seconds, hold down 180, flushed after 240
5 Outgoing update filter list for all interfaces is not set
6 Serial0 filtered by 2
7 Serial1 filtered by 3
8 Incoming update filter list for all interfaces is not set
9 Redistributing: rip
10 Default version control: send version 1, receive any version
11 Interface Send Recv Key-chain
12 Loopback0 1 1 2
13 Serial0 1 1 2
14 Serial1 1 1 2
15 Routing for Networks:
16 10.0.0.0
17 131.108.0.0
18 200.200.200.0
19 Routing Information Sources:
20 Gateway Distance Last Update
21 10.0.2.2 120 00:00:13
22 131.108.3.1 120 00:00:20
23 Distance: (default is 120)
Figure 7-12
1 NewYork#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is not set
10
11 C 200.200.200.0/24 is directly connected, Loopback0
12 10.0.0.0/24 is subnetted, 2 subnets
13 C 10.0.2.0 is directly connected, Serial0
14 R 10.0.1.0 [120/1] via 10.0.2.2, 00:00:19, Serial0
15 131.108.0.0/24 is subnetted, 2 subnets
16 C 131.108.3.0 is directly connected, Serial1
17 R 131.108.2.0 [120/1] via 131.108.3.1, 00:00:00, Serial1
Figure 7-13
1 !
2 hostname London
3 !
4 no ip domain-lookup
5 !
6 interface Ethernet0
7 ip address 10.0.1.1 255.255.255.0
8 !
9 interface Serial1
10 ip address 10.0.2.2 255.255.255.0
11 bandwidth 125
12 clockrate 125000
13 !
14 router rip
15 network 10.0.0.0
16 !
17 ip classless
18 !
19 line con 0
20 exec-timeout 0 0
21 length 0
22 !
Figure 7-14
1 London#ping
2 Protocol [ip]:
3 Target IP address: 131.108.2.1
4 Repeat count [5]:
5 Datagram size [100]:
6 Timeout in seconds [2]:
7 Extended commands [n]:
8 Sweep range of sizes [n]:
9 Type escape sequence to abort.
10 Sending 5, 100-byte ICMP Echos to 131.108.2.1, timeout is 2 seconds:
11 !!!!!
12 Success rate is 100 percent (5/5), round-trip min/avg/max = 36/83/268 ms
13 London#ping
14 Protocol [ip]:
15 Target IP address: 131.108.2.1
16 Repeat count [5]:
17 Datagram size [100]:
18 Timeout in seconds [2]:
19 Extended commands [n]: y
20 Source address or interface: 10.0.1.1
21 Type of service [0]:
22 Set DF bit in IP header? [no]:
23 Validate reply data? [no]:
24 Data pattern [0xABCD]:
25 Loose, Strict, Record, Timestamp, Verbose[none]:
26 Sweep range of sizes [n]:
27 Type escape sequence to abort.
28 Sending 5, 100-byte ICMP Echos to 131.108.2.1, timeout is 2 seconds:
29 !!!!!
30 Success rate is 100 percent (5/5), round-trip min/avg/max = 36/40/38 ms
Figure 7-15
1 London#sho ip prot
2 Routing Protocol is "rip"
3 Sending updates every 30 seconds, next due in 10 seconds
4 Invalid after 180 seconds, hold down 180, flushed after 240
5 Outgoing update filter list for all interfaces is not set
6 Incoming update filter list for all interfaces is not set
7 Redistributing: rip
8 Default version control: send version 1, receive any version
9 Interface Send Recv Key-chain
10 Ethernet0 1 1 2
11 Serial1 1 1 2
12 Routing for Networks:
13 10.0.0.0
14 Routing Information Sources:
15 Gateway Distance Last Update
16 10.0.2.1 120 00:00:18
17 Distance: (default is 120)
Figure 7-16
1 London#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is not set
10
11 10.0.0.0/24 is subnetted, 2 subnets
12 C 10.0.2.0 is directly connected, Serial1
13 C 10.0.1.0 is directly connected, Ethernet0
14 R 131.108.0.0/16 [120/1] via 10.0.2.1, 00:00:23, Serial1
Figure 7-17
Figure 7-18
1 !
2 hostname Tokyo
3 !
4 no ip domain-lookup
5 !
6 interface Ethernet0
7 ip address 131.108.2.1 255.255.255.0
8 !
9 interface Serial0
10 ip address 144.251.1.1 255.255.255.0
11 bandwidth 125
12 !
13 router rip
14 network 131.108.0.0
15 !
16 ip classless
17 ip route 0.0.0.0 0.0.0.0 Serial0
18 !
19 line con 0
20 exec-timeout 0 0
21 length 0
22 !
23 end
Figure 7-19
1 Tokyo#sho ip protocol
2 Routing Protocol is "rip"
3 Sending updates every 30 seconds, next due in 12 seconds
4 Invalid after 180 seconds, hold down 180, flushed after 240
5 Outgoing update filter list for all interfaces is not set
6 Incoming update filter list for all interfaces is not set
7 Redistributing: rip
8 Default version control: send version 1, receive any version
9 Interface Send Recv Key-chain
10 Ethernet0 1 1 2
11 Serial0 1 1 2
12 Routing for Networks:
13 131.108.0.0
14 Routing Information Sources:
15 Gateway Distance Last Update
16 131.108.3.2 120 00:00:22
17 Distance: (default is 120)
Figure 7-20
1 Tokyo#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10
11 144.251.0.0/24 is subnetted, 1 subnets
12 C 144.251.1.0 is directly connected, Serial0
13 131.108.0.0/24 is subnetted, 1 subnets
14 C 131.108.2.0 is directly connected, Ethernet0
15 S* 0.0.0.0/0 is directly connected, Serial0
Figure 7-21
1 !
2 hostname NewYork
3 !
4 ip nat pool good-pool 200.200.200.5 200.200.200.250 netmask 255.255.255.0
5 ip nat inside source list 1 pool good-pool
6 ip nat inside source static 131.108.2.1 200.200.200.1
7 ip nat outside source static 131.108.2.1 200.200.200.254
8 no ip domain-lookup
9 !
10 interface Serial0
11 ip address 131.108.3.1 255.255.255.0
12 ip nat inside
13 bandwidth 125
14 !
15 interface Serial1
16 ip address 144.251.1.2 255.255.255.0
17 ip nat outside
18 bandwidth 125
19 clockrate 125000
20 !
21 router rip
22 network 131.108.0.0
23 !
24 ip classless
25 ip route 0.0.0.0 0.0.0.0 Serial1
26 access-list 1 permit 131.108.0.0 0.0.255.255
27 !
28 line con 0
29 exec-timeout 0 0
30 length 0
31 !
32 end
Figure 7-22
1 NewYork#sho ip nat stat
2 Total active translations: 2 (2 static, 0 dynamic; 0 extended)
3 Outside interfaces: Serial1
4 Inside interfaces: Serial0
5 Hits: 0 Misses: 0
6 Expired translations: 0
7 Dynamic mappings:
8 -- Inside Source
9 access-list 1 pool good-pool refcount 0
10 pool good-pool: netmask 255.255.255.0
11 start 200.200.200.5 end 200.200.200.250
12 type generic, total addresses 246, allocated 0 (0%), misses 0
13 NewYork#sho ip nat tran
14 Pro Inside global Inside local Outside local Outside global
15 --- 200.200.200.1 131.108.2.1 --- ---
16 --- --- --- 200.200.200.254 131.108.2.1
Figure 7-23
1 NewYork#debug ip nat
2 NAT*: s=131.108.3.2->200.200.200.5, d=144.251.1.1 [195]
3 NAT*: s=144.251.1.1, d=200.200.200.5->131.108.3.2 [195]
4 NAT*: s=131.108.3.2->200.200.200.5, d=144.251.1.1 [196]
5 NAT*: s=144.251.1.1, d=200.200.200.5->131.108.3.2 [196]
6 NAT*: s=131.108.3.2->200.200.200.5, d=144.251.1.1 [197]
7 NAT*: s=144.251.1.1, d=200.200.200.5->131.108.3.2 [197]
8 NAT*: s=131.108.3.2->200.200.200.5, d=144.251.1.1 [198]
9 NAT*: s=144.251.1.1, d=200.200.200.5->131.108.3.2 [198]
10 NAT*: s=131.108.3.2->200.200.200.5, d=144.251.1.1 [199]
11 NAT*: s=144.251.1.1, d=200.200.200.5->131.108.3.2 [199]
12 NAT: s=131.108.2.1->200.200.200.1, d=200.200.200.254 [200]
13 NAT: s=200.200.200.1, d=200.200.200.254->131.108.2.1 [200]
14 NAT*: s=131.108.2.1->200.200.200.254, d=200.200.200.1 [200]
15 NAT*: s=200.200.200.254, d=200.200.200.1->131.108.2.1 [200]
16 NAT: s=131.108.2.1->200.200.200.1, d=200.200.200.254 [201]
17 NAT: s=200.200.200.1, d=200.200.200.254->131.108.2.1 [201]
18 NAT*: s=131.108.2.1->200.200.200.254, d=200.200.200.1 [201]
19 NAT*: s=200.200.200.254, d=200.200.200.1->131.108.2.1 [201]
20 NAT: s=131.108.2.1->200.200.200.1, d=200.200.200.254 [202]
21 NAT: s=200.200.200.1, d=200.200.200.254->131.108.2.1 [202]
22 NAT*: s=131.108.2.1->200.200.200.254, d=200.200.200.1 [202]
23 NAT*: s=200.200.200.254, d=200.200.200.1->131.108.2.1 [202]
24 NAT: s=131.108.2.1->200.200.200.1, d=200.200.200.254 [203]
25 NAT: s=200.200.200.1, d=200.200.200.254->131.108.2.1 [203]
26 NAT*: s=131.108.2.1->200.200.200.254, d=200.200.200.1 [203]
27 NAT*: s=200.200.200.254, d=200.200.200.1->131.108.2.1 [203]
28 NAT: s=131.108.2.1->200.200.200.1, d=200.200.200.254 [204]
29 NAT: s=200.200.200.1, d=200.200.200.254->131.108.2.1 [204]
30 NAT*: s=131.108.2.1->200.200.200.254, d=200.200.200.1 [204]
31 NAT*: s=200.200.200.254, d=200.200.200.1->131.108.2.1 [204]
Figure 7-24
1 NewYork#show ip nat stat
2 Total active translations: 4 (2 static, 2 dynamic; 0 extended)
3 Outside interfaces: Serial1
4 Inside interfaces: Serial0
5 Hits: 38 Misses: 2
6 Expired translations: 0
7 Dynamic mappings:
8 -- Inside Source
9 access-list 1 pool good-pool refcount 1
10 pool good-pool: netmask 255.255.255.0
11 start 200.200.200.5 end 200.200.200.250
12 type generic, total addresses 246, allocated 1 (0%), misses 0
13
14 NewYork#sho ip nat tran
15 Pro Inside global Inside local Outside local Outside global
16 --- 200.200.200.1 131.108.2.1 --- ---
17 --- 200.200.200.5 131.108.3.2 --- ---
18 --- --- --- 200.200.200.254 131.108.2.1
19 --- 200.200.200.1 131.108.2.1 200.200.200.254 131.108.2.1
Figure 7-25
1 NewYork#sho ip prot
2 Routing Protocol is "rip"
3 Sending updates every 30 seconds, next due in 5 seconds
4 Invalid after 180 seconds, hold down 180, flushed after 240
5 Outgoing update filter list for all interfaces is not set
6 Incoming update filter list for all interfaces is not set
7 Redistributing: rip
8 Default version control: send version 1, receive any version
9 Interface Send Recv Key-chain
10 Serial0 1 1 2
11 Routing for Networks:
12 131.108.0.0
13 Routing Information Sources:
14 Gateway Distance Last Update
15 131.108.3.2 120 00:00:06
16 Distance: (default is 120)
Figure 7-26
1 NewYork#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10
11 144.251.0.0/24 is subnetted, 1 subnets
12 C 144.251.1.0 is directly connected, Serial1
13 131.108.0.0/24 is subnetted, 2 subnets
14 C 131.108.3.0 is directly connected, Serial0
15 R 131.108.2.0 [120/1] via 131.108.3.2, 00:00:12, Serial0
16 S* 0.0.0.0/0 is directly connected, Serial1
Figure 7-27
1 !
2 hostname London
3 !
4 no ip domain-lookup
5 !
6 interface Ethernet0
7 ip address 131.108.2.1 255.255.255.0
8 !
9 interface Serial1
10 ip address 131.108.3.2 255.255.255.0
11 bandwidth 125
12 clockrate 125000
13 !
14 router rip
15 network 131.108.0.0
16 !
17 ip classless
18 !
19 line con 0
20 exec-timeout 0 0
21 length 0
22 !
23 end
Figure 7-28
1 London#ping 144.251.1.1
2
3 Type escape sequence to abort.
4 Sending 5, 100-byte ICMP Echos to 144.251.1.1, timeout is 2 seconds:
5 !!!!!
6 Success rate is 100 percent (5/5), round-trip min/avg/max = 36/36/36 ms
7 London#ping
8 Protocol [ip]:
9 Target IP address: 200.200.200.254
10 Repeat count [5]:
11 Datagram size [100]:
12 Timeout in seconds [2]:
13 Extended commands [n]: y
14 Source address or interface: 131.108.2.1
15 Type of service [0]:
16 Set DF bit in IP header? [no]:
17 Validate reply data? [no]:
18 Data pattern [0xABCD]:
19 Loose, Strict, Record, Timestamp, Verbose[none]:
20 Sweep range of sizes [n]:
21 Type escape sequence to abort.
22 Sending 5, 100-byte ICMP Echos to 200.200.200.254, timeout is 2 seconds:
23 !!!!!
24 Success rate is 100 percent (5/5), round-trip min/avg/max = 40/41/48 ms
Figure 7-29
1 London#show ip protocol
2 Routing Protocol is "rip"
3 Sending updates every 30 seconds, next due in 14 seconds
4 Invalid after 180 seconds, hold down 180, flushed after 240
5 Outgoing update filter list for all interfaces is not set
6 Incoming update filter list for all interfaces is not set
7 Redistributing: rip
8 Default version control: send version 1, receive any version
9 Interface Send Recv Key-chain
10 Ethernet0 1 1 2
11 Serial1 1 1 2
12 Routing for Networks:
13 131.108.0.0
14 Routing Information Sources:
15 Gateway Distance Last Update
16 10.0.2.1 120 02:23:07
17 131.108.3.1 120 00:00:27
18 Distance: (default is 120)
Figure 7-30
1 London#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is 131.108.3.1 to network 0.0.0.0
10
11 131.108.0.0/24 is subnetted, 2 subnets
12 C 131.108.3.0 is directly connected, Serial1
13 C 131.108.2.0 is directly connected, Ethernet0
14 R* 0.0.0.0/0 [120/1] via 131.108.3.1, 00:00:03, Serial1
Figure 7-31
Figure 7-32
1 !
2 hostname Tokyo
3 !
4 no ip domain-lookup
5 !
6 interface Ethernet0
7 ip address 10.1.1.1 255.255.255.0
8 !
9 interface Serial0
10 ip address 10.1.4.1 255.255.255.0
11 bandwidth 125
12 !
13 interface Serial1
14 ip address 10.1.2.2 255.255.255.0
15 bandwidth 125
16 clockrate 125000
17 !
18 router eigrp 200
19 network 10.0.0.0
20 !
21 ip classless
22 !
23 line con 0
24 exec-timeout 0 0
25 length 0
26 !
27 end
Figure 7-33
1 Tokyo#ping 192.168.3.1
2
3 Type escape sequence to abort.
4 Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
5 !!!!!
6 Success rate is 100 percent (5/5), round-trip min/avg/max = 36/41/52 ms
Figure 7-34
1 Tokyo#sho ip prot
2 Routing Protocol is "eigrp 200"
3 Outgoing update filter list for all interfaces is not set
4 Incoming update filter list for all interfaces is not set
5 Default networks flagged in outgoing updates
6 Default networks accepted from incoming updates
7 EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
8 EIGRP maximum hopcount 100
9 EIGRP maximum metric variance 1
10 Redistributing: eigrp 200
11 Automatic network summarization is in effect
12 Routing for Networks:
13 10.0.0.0
14 Routing Information Sources:
15 Gateway Distance Last Update
16 10.1.2.1 90 00:18:22
17 10.1.4.2 90 00:18:22
18 Distance: internal 90 external 170
Figure 7-35
1 Tokyo#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is 10.1.2.1 to network 0.0.0.0
10
11 10.0.0.0/24 is subnetted, 4 subnets
12 D 10.1.3.0 [90/21504000] via 10.1.4.2, 01:07:56, Serial0
13 [90/21504000] via 10.1.2.1, 01:07:56, Serial1
14 C 10.1.2.0 is directly connected, Serial1
15 C 10.1.1.0 is directly connected, Ethernet0
16 C 10.1.4.0 is directly connected, Serial0
17 D*EX 0.0.0.0/0 [170/21017600] via 10.1.2.1, 00:18:28, Serial1
18 [170/21017600] via 10.1.4.2, 00:18:28, Serial0
Figure 7-36
1 !
2 hostname NewYork
3 !
4 no ip domain-lookup
5 !
6 interface Ethernet0
7 ip address 192.168.2.1 255.255.255.0
8 !
9 interface Serial0
10 ip address 10.1.3.1 255.255.255.0
11 bandwidth 125
12 !
13 interface Serial1
14 ip address 10.1.4.2 255.255.255.0
15 bandwidth 125
16 clockrate 125000
17 !
18 router eigrp 200
19 redistribute static
20 network 10.0.0.0
21 distribute-list 1 out static
22 !
23 ip classless
24 ip route 0.0.0.0 0.0.0.0 Ethernet0
25 ip route 192.168.3.0 255.255.255.0 192.168.2.2
26 access-list 1 permit 0.0.0.0
27 !
28 line con 0
29 exec-timeout 0 0
30 length 0
31 !
32 end
Figure 7-37
1 NewYork#sho ip prot
2 Routing Protocol is "eigrp 200"
3 Outgoing update filter list for all interfaces is not set
4 Redistributed static filtered by 1
5 Incoming update filter list for all interfaces is not set
6 Default networks flagged in outgoing updates
7 Default networks accepted from incoming updates
8 EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
9 EIGRP maximum hopcount 100
10 EIGRP maximum metric variance 1
11 Redistributing: static, eigrp 200
12 Automatic network summarization is in effect
13 Routing for Networks:
14 10.0.0.0
15 Routing Information Sources:
16 Gateway Distance Last Update
17 10.1.3.2 90 00:20:21
18 10.1.4.1 90 00:20:21
19 Distance: internal 90 external 170
Figure 7-38
1 NewYork#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10
11 10.0.0.0/24 is subnetted, 4 subnets
12 C 10.1.3.0 is directly connected, Serial0
13 D 10.1.2.0 [90/21504000] via 10.1.3.2, 00:30:56, Serial0
14 [90/21504000] via 10.1.4.1, 00:30:56, Serial1
15 D 10.1.1.0 [90/21017600] via 10.1.4.1, 00:30:56, Serial1
16 C 10.1.4.0 is directly connected, Serial1
17 C 192.168.2.0/24 is directly connected, Ethernet0
18 S 192.168.3.0/24 [1/0] via 192.168.2.2
19 S* 0.0.0.0/0 is directly connected, Ethernet0
Figure 7-39
1 !
2 hostname London
3 !
4 no ip domain-lookup
5 !
6 interface Ethernet0
7 ip address 192.168.1.1 255.255.255.0
8 no ip route-cache
9 !
10 interface Serial0
11 ip address 10.1.2.1 255.255.255.0
12 no ip route-cache
13 bandwidth 125
14 !
15 interface Serial1
16 ip address 10.1.3.2 255.255.255.0
17 no ip route-cache
18 bandwidth 125
19 clockrate 125000
20 !
21 router eigrp 200
22 redistribute static
23 network 10.0.0.0
24 distribute-list 1 out static
25 !
26 ip classless
27 ip route 0.0.0.0 0.0.0.0 Ethernet0
28 ip route 192.168.3.0 255.255.255.0 192.168.1.2
29 access-list 1 permit 0.0.0.0
30 !
31 !
32 line con 0
33 exec-timeout 0 0
34 length 0
35 !
36 end
Figure 7-40
1 London#sho ip prot
2 Routing Protocol is "eigrp 200"
3 Outgoing update filter list for all interfaces is not set
4 Redistributed static filtered by 1
5 Incoming update filter list for all interfaces is not set
6 Default networks flagged in outgoing updates
7 Default networks accepted from incoming updates
8 EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
9 EIGRP maximum hopcount 100
10 EIGRP maximum metric variance 1
11 Redistributing: static, eigrp 200
12 Automatic network summarization is in effect
13 Routing for Networks:
14 10.0.0.0
15 Routing Information Sources:
16 Gateway Distance Last Update
17 10.1.3.1 90 00:21:41
18 10.1.2.2 90 00:21:41
19 Distance: internal 90 external 170
Figure 7-41
1 London#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10
11 10.0.0.0/24 is subnetted, 4 subnets
12 C 10.1.3.0 is directly connected, Serial1
13 C 10.1.2.0 is directly connected, Serial0
14 D 10.1.1.0 [90/21017600] via 10.1.2.2, 01:11:06, Serial0
15 D 10.1.4.0 [90/21504000] via 10.1.2.2, 01:11:06, Serial0
16 [90/21504000] via 10.1.3.1, 01:11:06, Serial1
17 C 192.168.1.0/24 is directly connected, Ethernet0
18 S 192.168.3.0/24 [1/0] via 192.168.1.2
19 S* 0.0.0.0/0 is directly connected, Ethernet0
Figure 7-42
1 !
2 hostname Moscow
3 !
4 ip nat pool ospf-source 192.168.3.50 192.168.3.99 netmask 255.255.255.0
5 ip nat inside source list 1 pool ospf-source overload
6 ip nat inside source static 10.0.1.1 192.168.3.1
7 ip nat outside source static 10.1.1.1 192.168.3.254
8 no ip domain-lookup
9 !
10 interface Loopback0
11 ip address 10.1.254.253 255.255.255.252
12 !
13 interface Ethernet0
14 ip address 192.168.2.2 255.255.255.0
15 ip nat outside
16 no ip route-cache
17 no ip mroute-cache
18 !
19 interface Serial0
20 ip address 10.1.1.13 255.255.255.252
21 ip nat inside
22 ip rip authentication mode 0
23 no ip route-cache
24 bandwidth 125
25 no fair-queue
26 !
27 interface Serial1
28 ip address 10.1.1.10 255.255.255.252
29 no ip route-cache
30 bandwidth 125
31 clockrate 125000
32 !
33 router ospf 200
34 network 10.1.1.12 0.0.0.3 area 1
35 network 10.1.1.8 0.0.0.3 area 1
36 network 10.1.254.252 0.0.0.3 area 1
37 default-information originate always metric 1 metric-type 1
38 !
39 ip classless
40 ip route 0.0.0.0 0.0.0.0 Ethernet0
41 access-list 1 permit 10.0.0.0 0.255.255.255
42 !
43 line con 0
44 exec-timeout 0 0
45 length 0
46 !
47 end
Figure 7-43
1 Moscow#clear ip nat tran *
2 Moscow#clear ip nat stat
3 Moscow#sho ip nat tran
4 Pro Inside global Inside local Outside local Outside global
5 --- --- --- 192.168.3.254 10.1.1.1
6 --- 192.168.3.1 10.0.1.1 --- ---
7 Moscow#sho ip nat stat
8 Total active translations: 2 (2 static, 0 dynamic; 0 extended)
9 Outside interfaces: Ethernet0
10 Inside interfaces: Serial0
11 Hits: 0 Misses: 0
12 Expired translations: 0
13 Dynamic mappings:
14 -- Inside Source
15 access-list 1 pool ospf-source refcount 0
16 pool ospf-source: netmask 255.255.255.0
17 start 192.168.3.50 end 192.168.3.99
18 type generic, total addresses 50, allocated 0 (0%), misses 0
Figure 7-44
1 !EIGRP to Rome E0
2 NAT: s=10.1.2.2, d=192.168.3.1->10.0.1.1 [11]
3 NAT: s=10.0.1.1->192.168.3.1, d=10.1.2.2 [11]
4 NAT: s=10.1.2.2, d=192.168.3.1->10.0.1.1 [13]
5 NAT: s=10.0.1.1->192.168.3.1, d=10.1.2.2 [13]
6 !Regular OSPF to Tokyo E0
7 NAT: s=10.1.1.14->192.168.3.50, d=192.168.3.254 [150]
8 NAT: s=192.168.3.50, d=192.168.3.254->10.1.1.1 [150]
9 NAT: s=10.1.1.1->192.168.3.254, d=192.168.3.50 [150]
10 NAT: s=192.168.3.254, d=192.168.3.50->10.1.1.14 [150]
11 NAT: s=10.1.1.14->192.168.3.50, d=192.168.3.254 [152]
12 NAT: s=192.168.3.50, d=192.168.3.254->10.1.1.1 [152]
13 NAT: s=10.1.1.1->192.168.3.254, d=192.168.3.50 [152]
14 NAT: s=192.168.3.254, d=192.168.3.50->10.1.1.14 [152]
15 NAT: s=10.1.1.14->192.168.3.50, d=192.168.3.254 [154]
16 NAT: s=192.168.3.50, d=192.168.3.254->10.1.1.1 [154]
17 NAT: s=10.1.1.1->192.168.3.254, d=192.168.3.50 [154]
18 NAT: s=192.168.3.254, d=192.168.3.50->10.1.1.14 [154]
19 !Dynamic Mapping Cleanup
20 NAT: expiring 192.168.3.50 (10.1.1.6) icmp 1411 (1411)
21 NAT: expiring 192.168.3.50 (10.1.1.6) icmp 1413 (1413)
22 NAT: expiring 192.168.3.50 (10.1.1.14) icmp 8408 (8408)
23 NAT: expiring 192.168.3.50 (10.1.1.14) icmp 8410 (8410)
24 NAT: expiring 192.168.3.50 (10.1.1.14) icmp 8412 (8412)
25 !Static 10.0.1.1 to Tokyo E0
26 NAT: s=10.0.1.1->192.168.3.1, d=192.168.3.254 [156]
27 NAT: s=192.168.3.1, d=192.168.3.254->10.1.1.1 [156]
28 NAT: s=10.1.1.1->192.168.3.254, d=192.168.3.1 [156]
29 NAT: s=192.168.3.254, d=192.168.3.1->10.0.1.1 [156]
30 NAT: s=10.0.1.1->192.168.3.1, d=192.168.3.254 [158]
31 NAT: s=192.168.3.1, d=192.168.3.254->10.1.1.1 [158]
32 NAT: s=10.1.1.1->192.168.3.254, d=192.168.3.1 [158]
33 NAT: s=192.168.3.254, d=192.168.3.1->10.0.1.1 [158]
Figure 7-45
1 Moscow#show ip nat statistics
2 Total active translations: 5 (2 static, 3 dynamic; 2 extended)
3 Outside interfaces: Ethernet0
4 Inside interfaces: Serial0
5 Hits: 16 Misses: 13
6 Expired translations: 10
7 Dynamic mappings:
8 -- Inside Source
9 access-list 1 pool ospf-source refcount 2
10 pool ospf-source: netmask 255.255.255.0
11 start 192.168.3.50 end 192.168.3.99
12 type generic, total addresses 50, allocated 1 (2%), misses 0
Figure 7-46
1 Moscow#sho ip prot
2 Routing Protocol is "ospf 200"
3 Sending updates every 0 seconds
4 Invalid after 0 seconds, hold down 0, flushed after 0
5 Outgoing update filter list for all interfaces is not set
6 Incoming update filter list for all interfaces is not set
7 Redistributing: ospf 200
8 Routing for Networks:
9 10.1.1.12/30
10 10.1.1.8/30
11 10.1.254.252/30
12 Routing Information Sources:
13 Gateway Distance Last Update
14 10.0.254.253 110 00:07:54
15 192.168.1.2 110 00:07:54
16 Distance: (default is 110)
Figure 7-47
1 Moscow#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10
11 10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
12 C 10.1.1.8/30 is directly connected, Serial1
13 C 10.1.1.12/30 is directly connected, Serial0
14 C 10.1.254.252/30 is directly connected, Loopback0
15 O IA 10.0.0.0/16 [110/801] via 10.1.1.14, 00:07:59, Serial0
16 O 10.1.1.4/30 [110/1600] via 10.1.1.9, 00:07:59, Serial1
17 [110/1600] via 10.1.1.14, 00:07:59, Serial0
18 C 192.168.2.0/24 is directly connected, Ethernet0
19 S* 0.0.0.0/0 is directly connected, Ethernet0
Figure 7-48
1 !
2 hostname Paris
3 !
4 ip nat pool ospf-source 192.168.3.50 192.168.3.99 netmask 255.255.255.0
5 ip nat inside source list 1 pool ospf-source overload
6 ip nat inside source static 10.0.1.1 192.168.3.1
7 ip nat outside source static 10.1.1.1 192.168.3.254
8 no ip domain-lookup
9 !
10 interface Loopback0
11 ip address 10.1.254.249 255.255.255.252
12 !
13 interface Ethernet0
14 ip address 192.168.1.2 255.255.255.0
15 ip nat outside
16 no ip route-cache
17 no ip mroute-cache
18 !
19 interface Serial0
20 ip address 10.1.1.9 255.255.255.252
21 no ip route-cache
22 no ip mroute-cache
23 bandwidth 125
24 no fair-queue
25 !
26 interface Serial1
27 ip address 10.1.1.5 255.255.255.252
28 ip nat inside
29 no ip route-cache
30 bandwidth 125
31 clockrate 125000
32 !
33 router ospf 200
34 network 10.1.1.8 0.0.0.3 area 1
35 network 10.1.1.4 0.0.0.3 area 1
36 network 10.1.254.248 0.0.0.3 area 1
37 default-information originate always metric 1 metric-type 1
38 !
39 ip classless
40 ip route 0.0.0.0 0.0.0.0 Ethernet0
41 access-list 1 permit 10.0.0.0 0.255.255.255
42 !
43 line con 0
44 exec-timeout 0 0
45 length 0
46 !
47 end
Figure 7-49
1 Paris#sho debug
2 Generic IP:
3 IP NAT debugging is on
4 Paris#clear ip nat tran ?
5 * Delete all dynamic translations
6 inside Inside addresses (and ports)
7 outside Outside addresses (and ports)
8 tcp Transmission Control Protocol
9 udp User Datagram Protocol
10
11 Paris#clear ip nat tran *
12 Paris#clear ip nat stat
13 Paris#sho ip nat tran
14 Pro Inside global Inside local Outside local Outside global
15 --- --- --- 192.168.3.254 10.1.1.1
16 --- 192.168.3.1 10.0.1.1 --- ---
17 Paris#sho ip nat stat
18 Total active translations: 2 (2 static, 0 dynamic; 0 extended)
19 Outside interfaces: Ethernet0
20 Inside interfaces: Serial1
21 Hits: 0 Misses: 0
22 Expired translations: 0
23 Dynamic mappings:
24 -- Inside Source
25 access-list 1 pool ospf-source refcount 0
26 pool ospf-source: netmask 255.255.255.0
27 start 192.168.3.50 end 192.168.3.99
28 type generic, total addresses 50, allocated 0 (0%), misses 0
Figure 7-50
1 !EIGRP to Rome E0
2 NAT: s=10.1.2.2, d=192.168.3.1->10.0.1.1 [10]
3 NAT: s=10.0.1.1->192.168.3.1, d=10.1.2.2 [10]
4 NAT: s=10.1.2.2, d=192.168.3.1->10.0.1.1 [12]
5 NAT: s=10.0.1.1->192.168.3.1, d=10.1.2.2 [12]
6 NAT: s=10.1.2.2, d=192.168.3.1->10.0.1.1 [14]
7 NAT: s=10.0.1.1->192.168.3.1, d=10.1.2.2 [14]
8 !Regular OSPF to Tokyo E0
9 NAT: s=10.1.1.14->192.168.3.50, d=192.168.3.254 [151]
10 NAT: s=192.168.3.50, d=192.168.3.254->10.1.1.1 [151]
11 NAT: s=10.1.1.1->192.168.3.254, d=192.168.3.50 [151]
12 NAT: s=192.168.3.254, d=192.168.3.50->10.1.1.14 [151]
13 NAT: s=10.1.1.14->192.168.3.50, d=192.168.3.254 [153]
14 NAT: s=192.168.3.50, d=192.168.3.254->10.1.1.1 [153]
15 NAT: s=10.1.1.1->192.168.3.254, d=192.168.3.50 [153]
16 NAT: s=192.168.3.254, d=192.168.3.50->10.1.1.14 [153]
17 !Dynamic Mapping Cleanup
18 NAT: expiring 192.168.3.50 (10.1.1.6) icmp 1410 (1410)
19 NAT: expiring 192.168.3.50 (10.1.1.6) icmp 1412 (1412)
20 NAT: expiring 192.168.3.50 (10.1.1.6) icmp 1414 (1414)
21 NAT: expiring 192.168.3.50 (10.1.1.14) icmp 8409 (8409)
22 NAT: expiring 192.168.3.50 (10.1.1.14) icmp 8411 (8411)
23 !Static 10.0.1.1 to Tokyo E0
24 NAT: s=10.0.1.1->192.168.3.1, d=192.168.3.254 [155]
25 NAT: s=192.168.3.1, d=192.168.3.254->10.1.1.1 [155]
26 NAT: s=10.1.1.1->192.168.3.254, d=192.168.3.1 [155]
27 NAT: s=192.168.3.254, d=192.168.3.1->10.0.1.1 [155]
28 NAT: s=10.0.1.1->192.168.3.1, d=192.168.3.254 [157]
29 NAT: s=192.168.3.1, d=192.168.3.254->10.1.1.1 [157]
30 NAT: s=10.1.1.1->192.168.3.254, d=192.168.3.1 [157]
31 NAT: s=192.168.3.254, d=192.168.3.1->10.0.1.1 [157]
32 NAT: s=10.0.1.1->192.168.3.1, d=192.168.3.254 [159]
33 NAT: s=192.168.3.1, d=192.168.3.254->10.1.1.1 [159]
34 NAT: s=10.1.1.1->192.168.3.254, d=192.168.3.1 [159]
Figure 7-51
1 Pro Inside global Inside local Outside local Outside global
2 icmp 192.168.3.50:2449 10.1.1.6:2449 192.168.3.254:2449 10.1.1.1:2449
3 icmp 192.168.3.50:2447 10.1.1.6:2447 192.168.3.254:2447 10.1.1.1:2447
4 icmp 192.168.3.50:2445 10.1.1.6:2445 192.168.3.254:2445 10.1.1.1:2445
5 --- --- --- 192.168.3.254 10.1.1.1
6 --- 192.168.3.1 10.0.1.1 --- ---
Figure 7-52
1 Routing Protocol is "ospf 200"
2 Sending updates every 0 seconds
3 Invalid after 0 seconds, hold down 0, flushed after 0
4 Outgoing update filter list for all interfaces is not set
5 Incoming update filter list for all interfaces is not set
6 Redistributing: ospf 200
7 Routing for Networks:
8 10.1.1.8/30
9 10.1.1.4/30
10 10.1.254.248/30
11 Routing Information Sources:
12 Gateway Distance Last Update
13 10.1.254.253 110 00:10:09
14 10.0.254.253 110 00:10:09
15 Distance: (default is 110)
Figure 7-53
1 Paris#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10
11 10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
12 C 10.1.1.8/30 is directly connected, Serial0
13 O 10.1.1.12/30 [110/1600] via 10.1.1.6, 00:10:14, Serial1
14 [110/1600] via 10.1.1.10, 00:10:14, Serial0
15 O 10.1.254.253/32 [110/801] via 10.1.1.10, 00:10:14, Serial0
16 O IA 10.0.0.0/16 [110/801] via 10.1.1.6, 00:10:14, Serial1
17 C 10.1.1.4/30 is directly connected, Serial1
18 C 192.168.1.0/24 is directly connected, Ethernet0
19 S* 0.0.0.0/0 is directly connected, Ethernet0
Figure 7-54
1 !
2 hostname Rome
3 !
4 no ip domain-lookup
5 !
6 interface Loopback0
7 ip address 10.0.254.253 255.255.255.252
8 !
9 interface Ethernet0
10 ip address 10.0.1.1 255.255.255.0
11 !
12 interface Serial0
13 ip address 10.1.1.6 255.255.255.252
14 bandwidth 125
15 !
16 interface Serial1
17 ip address 10.1.1.14 255.255.255.252
18 bandwidth 125
19 clockrate 125000
20 !
21 router ospf 200
22 network 10.0.254.252 0.0.0.3 area 0
23 network 10.1.1.12 0.0.0.3 area 1
24 network 10.1.1.4 0.0.0.3 area 1
25 network 10.0.1.0 0.0.0.255 area 0
26 area 0 range 10.0.0.0 255.255.0.0
27 area 1 range 10.1.0.0 255.255.0.0
28 !
29 ip classless
30 !
31 line con 0
32 exec-timeout 0 0
33 length 0
34 !
35 end
Figure 7-55
1 Rome#ping 192.168.3.254
2
3 Type escape sequence to abort.
4 Sending 5, 100-byte ICMP Echos to 192.168.3.254, timeout is 2 seconds:
5 !!!!!
6 Success rate is 100 percent (5/5), round-trip min/avg/max = 40/45/52 ms
7 Rome#ping 192.168.3.254
8
9 Type escape sequence to abort.
10 Sending 5, 100-byte ICMP Echos to 192.168.3.254, timeout is 2 seconds:
11 !!!!!
12 Success rate is 100 percent (5/5), round-trip min/avg/max = 40/45/56 ms
13 Rome#ping
14 Protocol [ip]:
15 Target IP address: 192.168.3.254
16 Repeat count [5]:
17 Datagram size [100]:
18 Timeout in seconds [2]:
19 Extended commands [n]: y
20 Source address or interface: 10.0.1.1
21 Type of service [0]:
22 Set DF bit in IP header? [no]:
23 Validate reply data? [no]:
24 Data pattern [0xABCD]:
25 Loose, Strict, Record, Timestamp, Verbose[none]: r
26 Number of hops [ 9 ]:
27 Loose, Strict, Record, Timestamp, Verbose[RV]:
28 Sweep range of sizes [n]:
29 Type escape sequence to abort.
30 Sending 5, 100-byte ICMP Echos to 192.168.3.254, timeout is 2 seconds:
31
32 Reply to request 0 (48 ms). Received packet has options
33 Total option bytes= 40, padded length=40
34 Record route: 10.1.1.6 192.168.1.2 10.1.2.1 10.1.1.1
35 10.1.2.2 192.168.1.1 10.1.1.5 10.0.1.1 <*> 0.0.0.0
36 End of list
37
38 Reply to request 1 (44 ms). Received packet has options
39 Total option bytes= 40, padded length=40
40 Record route: 10.1.1.14 192.168.2.2 10.1.4.2 10.1.1.1
41 10.1.4.1 192.168.2.1 10.1.1.13 10.0.1.1 <*> 0.0.0.0
42 End of list
43
44 Success rate is 100 percent (5/5), round-trip min/avg/max = 44/45/48 ms
Figure 7-56
1 Rome#sho ip prot
2 Routing Protocol is "ospf 200"
3 Sending updates every 0 seconds
4 Invalid after 0 seconds, hold down 0, flushed after 0
5 Outgoing update filter list for all interfaces is not set
6 Incoming update filter list for all interfaces is not set
7 Redistributing: ospf 200
8 Routing for Networks:
9 10.0.254.252/30
10 10.1.1.12/30
11 10.1.1.4/30
12 10.0.1.0/24
13 Routing Information Sources:
14 Gateway Distance Last Update
15 10.1.254.253 110 00:14:14
16 10.1.254.249 110 04:19:28
17 192.168.1.2 110 00:14:14
18 192.168.3.200 110 01:30:15
19 Distance: (default is 110)
Figure 7-57
1 Rome#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is 10.1.1.5 to network 0.0.0.0
10
11 10.0.0.0/8 is variably subnetted, 6 subnets, 3 masks
12 O 10.1.1.8/30 [110/1600] via 10.1.1.5, 00:14:16, Serial0
13 [110/1600] via 10.1.1.13, 00:14:16, Serial1
14 C 10.1.1.12/30 is directly connected, Serial1
15 O 10.1.254.253/32 [110/801] via 10.1.1.13, 00:14:16, Serial1
16 C 10.0.254.252/30 is directly connected, Loopback0
17 C 10.0.1.0/24 is directly connected, Ethernet0
18 C 10.1.1.4/30 is directly connected, Serial0
19 O*E1 0.0.0.0/0 [110/801] via 10.1.1.5, 00:14:17, Serial0
20 [110/801] via 10.1.1.13, 00:14:17, Serial1
Figure 7-58
Figure 7-59
1 !
2 hostname NewYork
3 !
4 no ip domain-lookup
5 !
6 interface Ethernet0
7 ip address 172.16.1.1 255.255.255.0
8 !
9 interface Serial0
10 ip address 172.16.2.1 255.255.255.0
11 bandwidth 125
12 !
13 router rip
14 network 172.16.0.0
15 !
16 ip classless
17 !
18 line con 0
19 exec-timeout 0 0
20 length 0
21 !
22 end
Figure 7-60
1 NewYork#ping 172.16.3.4
2
3 Type escape sequence to abort.
4 Sending 5, 100-byte ICMP Echos to 172.16.3.4, timeout is 2 seconds:
5 .....
6 Success rate is 0 percent (0/5)
7 NewYork#telnet 172.16.3.4
8 Trying 172.16.3.4 ...
9 % Connection timed out; remote host not responding
10
11 NewYork#telnet 172.16.3.4
12 Trying 172.16.3.4 ... Open
13
14
15 User Access Verification
16
17 Password:
18 Paris>sho ip int brief
19 Interface IP-Address OK? Method Status Protocol
20 BRI0 unassigned YES unset administratively down down
21 BRI0:1 unassigned YES unset administratively down down
22 BRI0:2 unassigned YES unset administratively down down
23 Ethernet0 172.16.3.2 YES manual up up
24 Serial0 unassigned YES unset administratively down down
25 Serial1 unassigned YES unset administratively down down
26 Serial2 unassigned YES unset administratively down down
27 Serial3 unassigned YES unset administratively down down
28 Paris>quit
29
30 [Connection to 172.16.3.4 closed by foreign host]
Figure 7-61
1 NewYork#sho ip prot
2 Routing Protocol is "rip"
3 Sending updates every 30 seconds, next due in 9 seconds
4 Invalid after 180 seconds, hold down 180, flushed after 240
5 Outgoing update filter list for all interfaces is not set
6 Incoming update filter list for all interfaces is not set
7 Redistributing: rip
8 Default version control: send version 1, receive any version
9 Interface Send Recv Key-chain
10 Ethernet0 1 1 2
11 Serial0 1 1 2
12 Routing for Networks:
13 172.16.0.0
14 Routing Information Sources:
15 Gateway Distance Last Update
16 172.16.2.2 120 00:00:07
17 Distance: (default is 120)
Figure 7-62
1 NewYork#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is not set
10
11 172.16.0.0/24 is subnetted, 3 subnets
12 C 172.16.1.0 is directly connected, Ethernet0
13 C 172.16.2.0 is directly connected, Serial0
14 R 172.16.3.0 [120/1] via 172.16.2.2, 00:00:18, Serial0
Figure 7-63
1 !
2 hostname London
3 !
4 ip nat pool shared-hosts 172.16.3.2 172.16.3.3 prefix-length 24 type rotary
5 ip nat inside destination list 1 pool shared-hosts
6 no ip domain-lookup
7 !
8 interface Ethernet0
9 ip address 172.16.3.1 255.255.255.0
10 ip nat inside
11 !
12 interface Serial1
13 ip address 172.16.2.2 255.255.255.0
14 ip nat outside
15 bandwidth 125
16 clockrate 125000
17 !
18 router rip
19 network 172.16.0.0
20 !
21 ip classless
22 access-list 1 permit 172.16.3.4
23 !
24 line con 0
25 exec-timeout 0 0
26 length 0
27 !
28 end
Figure 7-64
1 London#sho ip nat stat
2 Total active translations: 0 (0 static, 0 dynamic; 0 extended)
3 Outside interfaces: Serial1
4 Inside interfaces: Ethernet0
5 Hits: 0 Misses: 0
6 Expired translations: 0
7 Dynamic mappings:
8 -- Inside Destination
9 access-list 1 pool shared-hosts refcount 0
10 pool shared-hosts: netmask 255.255.255.0
11 start 172.16.3.2 end 172.16.3.3
12 type rotary, total addresses 2, allocated 0 (0%), misses 0
13 London#sho ip nat tran
14 London#debug ip nat
15 IP NAT debugging is on
16 London#debug ip nat detailed
17 IP NAT detailed debugging is on
18 London#debug ip nat ?
19 <1-99> Access list
20 detailed NAT detailed events
21
22
23 London#debug ip nat 1
24 IP NAT debugging is on
Figure 7-65
1 !Unsuccessful PING, this is a TCP load sharing process!
2 NAT: o: icmp (172.16.2.1, 4628) -> (172.16.3.4, 4628) [30]
3 NAT: o: icmp (172.16.2.1, 4629) -> (172.16.3.4, 4629) [31]
4 NAT: o: icmp (172.16.2.1, 4630) -> (172.16.3.4, 4630) [32]
5 NAT: o: icmp (172.16.2.1, 4631) -> (172.16.3.4, 4631) [33]
6 NAT: o: icmp (172.16.2.1, 4632) -> (172.16.3.4, 4632) [34]
7 !Translated input request, but 172.16.3.4 is not present
8 NAT: o: tcp (172.16.2.1, 11005) -> (172.16.3.4, 23) [0]
9 NAT: s=172.16.2.1, d=172.16.3.4->172.16.3.3 [0]
10 NAT: o: tcp (172.16.2.1, 11005) -> (172.16.3.4, 23) [0]
11 NAT: s=172.16.2.1, d=172.16.3.4->172.16.3.3 [0]
12 NAT: o: tcp (172.16.2.1, 11005) -> (172.16.3.4, 23) [0]
13 NAT: s=172.16.2.1, d=172.16.3.4->172.16.3.3 [0]
14 NAT: o: tcp (172.16.2.1, 11005) -> (172.16.3.4, 23) [0]
15 NAT: s=172.16.2.1, d=172.16.3.4->172.16.3.3 [0]
16 NAT: o: tcp (172.16.2.1, 11006) -> (172.16.3.4, 23) [0]
17 !Successful load share access to 172.16.3.2
18 NAT: o: tcp (172.16.2.1, 11006) -> (172.16.3.4, 23) [0]
19 NAT: s=172.16.2.1, d=172.16.3.4->172.16.3.2 [0]
20 NAT: i: tcp (172.16.3.2, 23) -> (172.16.2.1, 11006) [0]
21 NAT: s=172.16.3.2->172.16.3.4, d=172.16.2.1 [0]
22 NAT*: o: tcp (172.16.2.1, 11006) -> (172.16.3.4, 23) [1]
23 NAT*: s=172.16.2.1, d=172.16.3.4->172.16.3.2 [1]
24 NAT*: o: tcp (172.16.2.1, 11006) -> (172.16.3.4, 23) [2]
25 NAT*: s=172.16.2.1, d=172.16.3.4->172.16.3.2 [2]
26 NAT*: o: tcp (172.16.2.1, 11006) -> (172.16.3.4, 23) [3]
27 NAT*: s=172.16.2.1, d=172.16.3.4->172.16.3.2 [3]
28 NAT*: i: tcp (172.16.3.2, 23) -> (172.16.2.1, 11006) [1]
Figure 7-66
1 London#sho ip nat statistics
2 Total active translations: 1 (0 static, 1 dynamic; 1 extended)
3 Outside interfaces: Serial1
4 Inside interfaces: Ethernet0
5 Hits: 84 Misses: 2
6 Expired translations: 1
7 Dynamic mappings:
8 -- Inside Destination
9 access-list 1 pool shared-hosts refcount 1
10 pool shared-hosts: netmask 255.255.255.0
11 start 172.16.3.2 end 172.16.3.3
12 type rotary, total addresses 2, allocated 1 (50%), misses 0
13
14 London#sho ip nat translation
15 Pro Inside global Inside local Outside local Outside global
16 tcp 172.16.3.4:23 172.16.3.2:23 172.16.2.1:11006 172.16.2.1:11006
17 London#
18
19 NAT: expiring 172.16.3.4 (172.16.3.2) tcp 23 (23)
Figure 7-67
1 London#sho ip prot
2 Routing Protocol is "rip"
3 Sending updates every 30 seconds, next due in 17 seconds
4 Invalid after 180 seconds, hold down 180, flushed after 240
5 Outgoing update filter list for all interfaces is not set
6 Incoming update filter list for all interfaces is not set
7 Redistributing: rip
8 Default version control: send version 1, receive any version
9 Interface Send Recv Key-chain
10 Ethernet0 1 1 2
11 Serial1 1 1 2
12 Routing for Networks:
13 172.16.0.0
14 Routing Information Sources:
15 Gateway Distance Last Update
16 172.16.2.1 120 00:00:20
17 Distance: (default is 120)
Figure 7-68
1 London#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is not set
10
11 172.16.0.0/24 is subnetted, 3 subnets
12 R 172.16.1.0 [120/1] via 172.16.2.1, 00:00:24, Serial1
13 C 172.16.2.0 is directly connected, Serial1
14 C 172.16.3.0 is directly connected, Ethernet0
Figure 7-69
1 !
2 hostname Paris
3 !
4 no ip domain-lookup
5 !
6 interface Ethernet0
7 ip address 172.16.3.2 255.255.255.0
8 !
9 router rip
10 network 172.16.0.0
11 !
12 ip classless
13 !
14 line con 0
15 exec-timeout 0 0
16 length 0
17 !
18 end
Figure 7-70
1 Paris#sho ip prot
2 Routing Protocol is "rip"
3 Sending updates every 30 seconds, next due in 19 seconds
4 Invalid after 180 seconds, hold down 180, flushed after 240
5 Outgoing update filter list for all interfaces is not set
6 Incoming update filter list for all interfaces is not set
7 Redistributing: rip
8 Default version control: send version 1, receive any version
9 Interface Send Recv Key-chain
10 Ethernet0 1 1 2
11 Routing for Networks:
12 172.16.0.0
13 Routing Information Sources:
14 Gateway Distance Last Update
15 172.16.3.1 120 00:00:11
16 Distance: (default is 120)
Figure 7-71
1 Paris#sho ip route
2 Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
6 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
7 U - per-user static route, o - ODR
8
9 Gateway of last resort is not set
10
11 172.16.0.0/24 is subnetted, 3 subnets
12 R 172.16.1.0 [120/2] via 172.16.3.1, 00:00:16, Ethernet0
13 R 172.16.2.0 [120/1] via 172.16.3.1, 00:00:16, Ethernet0
14 C 172.16.3.0 is directly connected, Ethernet0
Close Window
