TTEP.CN > 手机 >
nat路由地址转换
nat路由地址转换
nat
lo0:2.2 r1(R2) s1/0 ---- s2/0 r1(R1) lo0 1.1 s1/0 -------- s2/0 r3 lo0 3.3
step 1...
r1:
en
config t
hostname R2
no ip domain-lookup
lin 0
exec-timeout 0 0
logging syn
exit
int lo 0
ip add 2.2.2.2 255.255.255.255
exit
int s1/0
ip add 192.168.0.2 255.255.255.0
no shutdown
exit
r2
en
config t
hostname R1
no ip domain-lookup
lin 0
exec-timeout 0 0
logging syn
exit
int lo 0
ip add 1.1.1.1 255.255.255.255
exit
int s2/0
ip add 192.168.0.1 255.255.255.0
no shutdown
exit
int s1/0
ip add 13.1.1.1 255.255.255.0
no shutdown
exit
r3
en
config t
hostname R3
no ip domain-lookup
lin 0
exec-timeout 0 0
logging syn
exit
int lo 0
ip add 3.3.3.3 255.255.255.255
exit
int s2/0
ip add 13.1.1.3 255.255.255.0
no shutdown
exit
R1 ping 13.1.1.3
r1 ping 192.168.0.2
---------------------------------------------------------------------------
step 2
r1
config t
access-list 10 permit 192.168.0.0 0.0.0.255
end
r1 show ip access-list
r1 config t
ip nat pool ?
ip nat pool natpool ?
ip nat pool natpool 13.1.1.1 ?
ip nat pool natpool 13.1.1.1 13.1.1.1 ? (只有13.1.1.1这个地址)/
/ ip nat pool natpool 13.1.1.1 13.1.1.2 (有两个地址)
ip nat pool natpool 13.1.1.1 13.1.1.2 netmask /
/ ip nat pool natpool 13.1.1.1 13.1.1.2 prefix-length ?
ip nat pool natpool 13.1.1.1 13.1.1.2 prefix-length 24
end
r1 config t
interface s1/0
ip nat outside
exit
interface s2/0
ip nat inside
exit
ip nat ?
ip nat inside ?
ip nat inside source ?
ip nat inside source list ?
ip nat inside source list 10 ?
ip nat inside source list 10 pool ?
ip nat inside source list 10 pool natpool
end
r1 show ip nat ?
r1 show ip nat
------------------------------------------------------------------------------------
step 3
r2 config t
no ip routing (关掉让r2的路由功能)
end
r2 show ip route
r2 config t
ip routing (打开r2路由功能)
end
r2 show ip route
r2 config t
no ip routing
end
-----------------------------------------------------------------------------------
step 4
r2 ping 3.3.3.3
r2 config t
ip default-gateway 192.168.0.1 (设定默认网关路由 ,这个需在路由器关闭路由功能下做)
end
r2 ping 3.3.3.3
r2 debug ip packet
r2 unade all
r1 config t
intface s1/0
no ip rote-cache
exit
r1 debug ip packet
r1 unde all
r1 show ip route
r1 config t
ip route 3.3.3.3 255.255.255.255 s1/0 13.1.1.3
end
r1 show ip route
r1 show run
r1 config t
no ip route 3.3.3.3 255.255.255.255 s1/0 13.1.1.3 (因为把R3当成ISP只能写默认路由)
end
r1 config t
ip route 0.0.0.0 0.0.0.0.0 s1/0 13.1.1.3 (默认路由)
end
r1 show ip route
r2 ping 3.3.3.3
r2 debug ip packet
r2 ping 3.3.3.3
r1 debug ip packet
r1 config t
interface s1/0
no ip route-cache
end
r2 ping 3.3.3.3
r1 unde all
r3 debug ip packet
r3 unde all
----------------------------------------------------------------------------------
step 5
r1 show ip nat translations
r1 show run (看地址池有多少地址)
r2 config t
intface s1/0
ip add 192.168.0.3 255.255.255.0 secondary (起辅助地址模拟另一PC )
end
R2 ping 3.3.3.3 source 192.168.0.2
r2 ping 3.3.3.3 source 192.168.0.3
r1 show ip nat translations
r2 conifig t
int s1/0
ip add 192.168.0.4 255.255.255.0 secondary (起辅助地址再模拟一PC)
end
r2 ping 3.3.3.3 source 192.168.0.4
u u u u (这次ping不通 因为nat是一对一的地址转换)
r1 show ip nat translations (可以看到两个地址已被占用了)
r1 clear ip nat translation * (清空)
r1 show ip nat translations (应该空的)
r2 ping 3.3.3.3 source 192.168.0.4
!!!!!
r2 ping 3.3.3.3 source 192.168.0.3
!!!!!
r2 ping 3.3.3.3 source 192.168.0.2
uuuu (它不通没地址了)
r1 show ip nat translations
r1 debug ip packet
r2 debug ip packet
r3 debug ip packet
r1 clear ip nat translation *
r2 ping 3.3.3.3 source 192.168.0.2
---------------------------------------------------------------------------------------
r2 s:192.168.0.2 d 3.3.3.3
r1 s: 13.1.1.1 d: 3.3.3.3
ip nat inside source list 10 pool natpool
natpool: 13.1.1.1---13.1.1.2
rcvd:收到
传统的路由网中 第三层地址不会因为路由器的转发而改变
NAT 就是把一个或者多个地址转换成另一个地址
--------------------------------------------------------------------------------
pat
先配好IP地址
r1 show ip int bri
r2 show ip int bri
r3 show ip int bri
r2 config t
no ip routing
no ip default-gateway 192.168.0.1
exit
r1 config t
ip route 0.0.0.0 0.0.0.0 13.1.1.3
nat
lo0:2.2 r1(R2) s1/0 ---- s2/0 r1(R1) lo0 1.1 s1/0 -------- s2/0 r3 lo0 3.3
step 1...
r1:
en
config t
hostname R2
no ip domain-lookup
lin 0
exec-timeout 0 0
logging syn
exit
int lo 0
ip add 2.2.2.2 255.255.255.255
exit
int s1/0
ip add 192.168.0.2 255.255.255.0
no shutdown
exit
r2
en
config t
hostname R1
no ip domain-lookup
lin 0
exec-timeout 0 0
logging syn
exit
int lo 0
ip add 1.1.1.1 255.255.255.255
exit
int s2/0
ip add 192.168.0.1 255.255.255.0
no shutdown
exit
int s1/0
ip add 13.1.1.1 255.255.255.0
no shutdown
exit
r3
en
config t
hostname R3
no ip domain-lookup
lin 0
exec-timeout 0 0
logging syn
exit
int lo 0
ip add 3.3.3.3 255.255.255.255
exit
int s2/0
ip add 13.1.1.3 255.255.255.0
no shutdown
exit
R1 ping 13.1.1.3
r1 ping 192.168.0.2
---------------------------------------------------------------------------
step 2
r1
config t
access-list 10 permit 192.168.0.0 0.0.0.255
end
r1 show ip access-list
r1 config t
ip nat pool ?
ip nat pool natpool ?
ip nat pool natpool 13.1.1.1 ?
ip nat pool natpool 13.1.1.1 13.1.1.1 ? (只有13.1.1.1这个地址)/
/ ip nat pool natpool 13.1.1.1 13.1.1.2 (有两个地址)
ip nat pool natpool 13.1.1.1 13.1.1.2 netmask /
/ ip nat pool natpool 13.1.1.1 13.1.1.2 prefix-length ?
ip nat pool natpool 13.1.1.1 13.1.1.2 prefix-length 24
end
r1 config t
interface s1/0
ip nat outside
exit
interface s2/0
ip nat inside
exit
ip nat ?
ip nat inside ?
ip nat inside source ?
ip nat inside source list ?
ip nat inside source list 10 ?
ip nat inside source list 10 pool ?
ip nat inside source list 10 pool natpool
end
r1 show ip nat ?
r1 show ip nat
------------------------------------------------------------------------------------
step 3
r2 config t
no ip routing (关掉让r2的路由功能)
end
r2 show ip route
r2 config t
ip routing (打开r2路由功能)
end
r2 show ip route
r2 config t
no ip routing
end
-----------------------------------------------------------------------------------
step 4
r2 ping 3.3.3.3
r2 config t
ip default-gateway 192.168.0.1 (设定默认网关路由 ,这个需在路由器关闭路由功能下做)
end
r2 ping 3.3.3.3
r2 debug ip packet
r2 unade all
r1 config t
intface s1/0
no ip rote-cache
exit
r1 debug ip packet
r1 unde all
r1 show ip route
r1 config t
ip route 3.3.3.3 255.255.255.255 s1/0 13.1.1.3
end
r1 show ip route
r1 show run
r1 config t
no ip route 3.3.3.3 255.255.255.255 s1/0 13.1.1.3 (因为把R3当成ISP只能写默认路由)
end
r1 config t
ip route 0.0.0.0 0.0.0.0.0 s1/0 13.1.1.3 (默认路由)
end
r1 show ip route
r2 ping 3.3.3.3
r2 debug ip packet
r2 ping 3.3.3.3
r1 debug ip packet
r1 config t
interface s1/0
no ip route-cache
end
r2 ping 3.3.3.3
r1 unde all
r3 debug ip packet
r3 unde all
----------------------------------------------------------------------------------
step 5
r1 show ip nat translations
r1 show run (看地址池有多少地址)
r2 config t
intface s1/0
ip add 192.168.0.3 255.255.255.0 secondary (起辅助地址模拟另一PC )
end
R2 ping 3.3.3.3 source 192.168.0.2
r2 ping 3.3.3.3 source 192.168.0.3
r1 show ip nat translations
r2 conifig t
int s1/0
ip add 192.168.0.4 255.255.255.0 secondary (起辅助地址再模拟一PC)
end
r2 ping 3.3.3.3 source 192.168.0.4
u u u u (这次ping不通 因为nat是一对一的地址转换)
r1 show ip nat translations (可以看到两个地址已被占用了)
r1 clear ip nat translation * (清空)
r1 show ip nat translations (应该空的)
r2 ping 3.3.3.3 source 192.168.0.4
!!!!!
r2 ping 3.3.3.3 source 192.168.0.3
!!!!!
r2 ping 3.3.3.3 source 192.168.0.2
uuuu (它不通没地址了)
r1 show ip nat translations
r1 debug ip packet
r2 debug ip packet
r3 debug ip packet
r1 clear ip nat translation *
r2 ping 3.3.3.3 source 192.168.0.2
---------------------------------------------------------------------------------------
r2 s:192.168.0.2 d 3.3.3.3
r1 s: 13.1.1.1 d: 3.3.3.3
ip nat inside source list 10 pool natpool
natpool: 13.1.1.1---13.1.1.2
rcvd:收到
传统的路由网中 第三层地址不会因为路由器的转发而改变
NAT 就是把一个或者多个地址转换成另一个地址
--------------------------------------------------------------------------------
pat
先配好IP地址
r1 show ip int bri
r2 show ip int bri
r3 show ip int bri
r2 config t
no ip routing
no ip default-gateway 192.168.0.1
exit
r1 config t
ip route 0.0.0.0 0.0.0.0 13.1.1.3
- 最近发表
- 赞助商链接