Carrier-Grade NAT


When configuring [NAT](/network-address-translation-nat), it is possible to specify that the outside IP address used for the translation is the actual IP address that is on the interface. For example, in the following topology, one can use the 192.168.23.2 address on the Fa1/0 interface of R2 as the outside address.

![nat-port-forwarding-inside-outside.png](/attachments/nat-port-forwarding-inside-outside.png)

However, it is possible to specify **a different outside address** for translation. This address **doesn’t have to be configured on any particular interface**, and it doesn’t even have to be on the same subnet as the IP address on the outside interface. You could, for example, use the 10.10.10.10 outside address on the outside interface of R2 in the above topology.

This simply indicates to the NAT process the IP address translation that should take place when traversing the NAT router. NAT doesn’t care if the address is assigned to an interface or not. In essence, if you configure a translation between 192.168.12.1 and 10.10.10.10, this means that:

-   When a packet with a source IP address of 192.168.12.1 traverses the NAT router, it will exit the outside interface with the source IP address field replaced with 10.10.10.10.
-   Similarly, when a packet arrives at the outside interface with a destination address of 10.10.10.10, the NAT process will replace that IP address in the destination field of the IP header with 192.168.12.1.

The only issue here is that you must make sure that the outside network, in this case, the [WAN](/wide-area-network), **knows that the 10.10.10.10 address should be routed to the Fa1/0 interface.** If there is no [routing](/routing) information that lets the “outside world” know that, then packets for such a translation will never take place. This is why typically, you would use the actual configured IP address of the outside interface or an address on the same subnet so that you can make sure that traffic will be able to find that outside interface of your NAT router.


Links:

https://networklessons.com/cisco/ccie-routing-switching/cisco-ios-nat-port-forwarding/



NAT port forwarding - specifying outside IP address

Multicast - routing over the Internet

Multicast - troubleshooting multicast routing

Multicast Anycast RP

Multicast Cisco Group Management Protocol

Multicast IGMPv3 include and exclude modes

Multicast IPv4 address space

Multicast MAC addresses

Multicast Mapping Agent and RP placement

Multicast OIL IIF mroute table

Multicast PIM Assert and dense mode

Multicast PIM Auto RP and Mapping Agent single device

Multicast PIM Bidirectional mode traffic between sources and RPs

Multicast PIM Bootstrap (BSR) election

Multicast PIM Designated Router sparse mode

Multicast PIM dense mode

Multicast PIM neighbors are stateless

Multicast PIM send-rp-announce-scope

Multicast PIM sparse mode Rendezvous Point (RP)

Multicast PIM sparse mode

Multicast PIM sparse-dense mode

Multicast PIM with multiple RPs

Multicast PIM with multiple mapping-agents

Multicast PIM-assert forwarder election

Multicast SPT and RPT

Multicast bidirectional PIM advantages

Multicast boundary filtering - filter auto RP

Multicast enabling Bidir in BSR mode

Multicast ip pim autorp listener

Multicast ip pim rp-address override

Multicast load splitting across equal-cost paths

Multicast local subnetwork address range

Multicast mapping IP to MAC addresses

Multicast mapping agent IGMP membership report

Multicast ping on a Nexus device

Multicast using Anycast RP with Auto-RP and BSR

Multicast

NAT - Translation Table

NAT - Twice NAT

NAT - Understanding debug nat detailed output

NAT - Virtual Interface (NVI)

NAT - add-route keyword

NAT - ports used for translation

NAT - translate address not directly connected to edge device

NAT Extendable on Cisco IOS

NAT Order of Operation

NAT address naming conventions

NAT and IPv6

NAT how port numbers are chosen when using PAT

NAT intra-VRF NAT

NAT prefix-length keyword on nat pool command

NAT vrf-aware

NBAR classifies only established sessions

NETCONF

NHRP - Authentication

NHRP - Destination Protocol Address

NHRP - Holding Time

NHRP - resolution redirect from hub

NHRP show ip nhrp flags

NHRP

NTP - securing with MD5 authentication and a Windows NTP server

NTP poll interval

NTP server and client and the master command

NTP troubleshooting and debugging tools

NTP versions 3 and 4

Native VLANs and untagged frames

NetFlow - Flow Samplers

NetFlow - applying to an SVI

NetFlow - what is a flow

NetFlow local cache size

NetFlow

Network - Discontiguous or Discontinuous

Network - Discontiguous

Network - Example of communication, encapsulation, and decapsulation, between hosts

Network - Flapping

Network - Layer 2 network

Network - Layer 3 network

Network - Monitoring multiple IPs of a single device with Observium

Network - Observium vs LibreNMS

Network - broadcast domain

Network - control plane

Network - data plane

Network Address Translation (NAT)

Network Collisions

Network Design - Spine and leaf architecture

Network Design - Switch oversubscription ratios

Network Design - Traffic Engineering

Network Design - on-premises and off-premises

Network Time Protocol (NTP)

Network design - confine VLANs to as few access switches as possible

Network planes

Networking - what is a socket

Networks - Overlay Network

Networks - Overlay Transport Virtualization (OTV)

Networks - Spanning Layer 2 networks across remote sites

Networks - Underlay Network

Next Generation Multicast Virtual Private Network (NG-MVPN)

Nexus - using vPC with HSRP

Nexus - what is vPC

Nexus lacp rate fast

NAT port forwarding - specifying outside IP address

Links to this page: