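I. Introduction
NAT was created against the background of the global exhaustion of IP addresses.
II. Types
1. Internet access for inside hosts
① Dynamic NAT
② Port-overloaded NAT (PAT)
2. Inside server mapping
① One-to-one mapping
② Port mapping
3. TCP load balancing for inside servers
III. Cisco configuration
1. Internet access for inside hosts
① Dynamic NAT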
R3:
Inside gateway IP: 192.168.1.254
Outside IP: 12.1.1.1
interface f0/0
 ip address 192.168.1.254 255.255.255.0
 no shutdown
 ip nat inside
interface f0/1
 ip address 12.1.1.1 255.255.255.0
 no shutdown
 ip nat outside
access-list 1 permit 192.168.1.0 0.0.0.255
ip nat pool out2internet 12.1.1.10 12.1.1.20 netmask 255.255.255.0
ip nat inside source list 1 pool out2internet
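② Port overloading (PAT)
Unlike dynamic NAT, the NAT address pool is defined as a single IP (the start and end IP are the same), and the overload parameter must be appended to the end of the global NAT statement:
ip nat inside source list 1 pool out2internet overload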
2. Inside server mapping
① One-to-one IP mapping
Inside server IP: 192.168.1.1
Inside gateway IP: 192.168.1.254
Outside mapped IP: 218.85.157.99
interface f0/0
 ip address 192.168.1.254 255.255.255.0
 no shutdown
 ip nat inside
interface f0/1
 ip address 218.85.157.99 255.255.255.0
 ip nat outside
 no shutdown
ip nat inside source static 192.168.1.1 218.85.157.90
② Port mapping, using the web service on port 80 as an example
The IP address and interface configuration are the same as for one-to-one mapping.
ip nat inside source static tcp 192.168.1.1 80 218.85.157.90 80
3. TCP load balancing for inside servers
1) interface f0/0
    ip nat inside
    ip address 192.168.1.254 255.255.255.0
    no shutdown
   int f1/0
    ip nat outside
    ip address 218.85.157.90 255.255.255.0
    no shutdown
2) access-list 1 permit host 218.85.157.90
   ! Define the public-side ACL (it can only be the outside interface's IP address)
3) ip nat pool cisco 192.168.1.1 192.168.1.2 netmask 255.255.255.0 type rotary
   ! Define the address pool used for inside load balancing
4) ip nat inside destination list 1 pool cisco
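The NAT types above differ in what they let the outside reach: dynamic NAT and PAT only translate inside-initiated traffic, a one-to-one mapping publishes every port of the inside server, a port mapping publishes one port, and a rotary pool publishes a virtual IP for TCP. The following Python audit is an added example, not part of the original notes; the function names are hypothetical, and the sample config is constructed from this page's statements (with the rotary ACL renumbered to 2 so the statements can share one input).

```python
import ipaddress
import re

# Constructed sample: this page's NAT statements gathered into one input purely
# to exercise the parser (they are not meant to coexist on one router).
SAMPLE_CONFIG = """\
access-list 1 permit 192.168.1.0 0.0.0.255
ip nat pool out2internet 12.1.1.10 12.1.1.20 netmask 255.255.255.0
ip nat inside source list 1 pool out2internet overload
ip nat inside source static 192.168.1.1 218.85.157.90
ip nat inside source static tcp 192.168.1.1 80 218.85.157.90 80
access-list 2 permit host 218.85.157.90
ip nat pool cisco 192.168.1.1 192.168.1.2 netmask 255.255.255.0 type rotary
ip nat inside destination list 2 pool cisco
"""

def pool_hosts(start, end):
    lo, hi = int(ipaddress.IPv4Address(start)), int(ipaddress.IPv4Address(end))
    return [str(ipaddress.IPv4Address(n)) for n in range(lo, hi + 1)]

def inbound_exposure(config):
    """Return (kind, outside_ip, port, inside_hosts) for each inbound-reachable rule."""
    pools, acl_hosts, found = {}, {}, []
    lines = [l.strip() for l in config.splitlines()]
    for line in lines:  # first pass: collect pools and host ACL entries
        m = re.match(r"ip nat pool (\S+) (\S+) (\S+) netmask \S+(?: type (\S+))?$", line)
        if m:
            pools[m.group(1)] = (pool_hosts(m.group(2), m.group(3)), m.group(4))
        m = re.match(r"access-list (\d+) permit host (\S+)$", line)
        if m:
            acl_hosts.setdefault(m.group(1), []).append(m.group(2))
    for line in lines:  # second pass: rules that accept outside-initiated traffic
        m = re.match(r"ip nat inside source static (tcp|udp) (\S+) (\d+) (\S+) (\d+)$", line)
        if m:
            found.append(("port-map", m.group(4), f"{m.group(1)}/{m.group(5)}", [m.group(2)]))
            continue
        m = re.match(r"ip nat inside source static (\S+) (\S+)$", line)
        if m:  # no protocol/port given: every port of the inside host is published
            found.append(("one-to-one", m.group(2), "all", [m.group(1)]))
            continue
        m = re.match(r"ip nat inside destination list (\d+) pool (\S+)$", line)
        if m and pools.get(m.group(2), (None, None))[1] == "rotary":
            for vip in acl_hosts.get(m.group(1), []):
                found.append(("rotary", vip, "tcp/any", pools[m.group(2)][0]))
    return found

if __name__ == "__main__":
    for row in inbound_exposure(SAMPLE_CONFIG):
        print(row)
```

Rows marked "all" are the ones to review first, since a one-to-one mapping relies entirely on separate ACLs or a firewall to limit which services of the inside server are reachable.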