千家信息网

NAT的extendable参数,使得一个地址被不同接口NAT出去测试

发表于:2024-11-22 作者:千家信息网编辑
千家信息网最后更新 2024年11月22日,一.测试拓扑:二.基本思路和笔试题目:A.基本思路:通过使用NAT extendable参数,使得内部一个地址能在不同接口以不同地址NAT出去,否则内部一个地址只能配静态NAT一次。B.笔试题目:An
千家信息网最后更新 2024年11月22日NAT的extendable参数,使得一个地址被不同接口NAT出去测试

一.测试拓扑:

二.基本思路和笔试题目:

A.基本思路:

通过使用NAT extendable参数,使得内部一个地址能在不同接口以不同地址NAT出去,否则内部一个地址只能配静态NAT一次。

B.笔试题目:

An internal DNS server requires a NAT on a Cisco IOS router that is dual-homed to separate ISPs using distinct CIDR blocks. Which NAT capability is required to allow hosts in each CIDR block to contact the DNS server via one translated address?

答案:NAT extendable

三.基本配置:

A.R1路由器:

interface Ethernet0/0
ip address 202.100.1.2 255.255.255.0

no shut

B.R2路由器:

interface Ethernet0/0
ip address 61.1.1.2 255.255.255.0

no shut

C.R3路由器:

interface Ethernet0/0
ip address 10.1.1.1 255.255.255.0
ip nat inside
no shut
interface Ethernet0/1
ip address 202.100.1.1 255.255.255.0
ip nat outside
no shut
interface Ethernet0/2
ip address 61.128.1.1 255.255.255.0
ip nat outside
no shut

D.R4路由器

interface Ethernet0/0
ip address 10.1.1.2 255.255.255.0
sno shut

ip route 0.0.0.0 0.0.0.0 10.1.1.1

line vty 0 5
password cisco
login

四.NAT extendable配置:

A.R3路由器:

ip nat inside source static 10.1.1.2 61.128.1.8 extendable
ip nat inside source static 10.1.1.2 202.100.1.8 extendable

B.测试:
R1#telnet 202.100.1.8
Trying 202.100.1.8 ... Open


User Access Verification

Password:
R4>show users
Line User Host(s) Idle Location
0 con 0 idle 06:08:16
*130 vty 0 idle 00:00:00 202.100.1.2

Interface User Mode Idle Peer Address


R2#telnet 61.128.1.8
Trying 61.128.1.8 ... Open


User Access Verification

Password:
R4>show users
Line User Host(s) Idle Location
0 con 0 idle 06:09:06
130 vty 0 idle 00:00:49 202.100.1.2
*131 vty 1 idle 00:00:00 61.128.1.2

Interface User Mode Idle Peer Address

0