CCNA Tutorial – What You Need To Know About NAT And Routing

by Francis Teo on September 23, 2009

This is a CCNA tutorial on how Cisco NAT (network address translation) works.  I wrote previously about how to use the proper NAT Cisco IOS Commands.  This article will provide more detail on the NAT order of operations and routing.

One important point of NAT which is not mentioned in many CCNA tutorials and CCNA books is the NAT order of operations.  Cisco has written a document about the NAT order of operation which can be intimidating to read for the new network engineer or CCNA candidate.  Strictly speaking, you might not need to have this knowledge for the CCNA test, however, this is very useful to know for any practical implementation of NAT, and it’s definitely something within the CCNA level of knowledge.  Read this CCNA tutorial well and you’ll be able to improve your practical NAT knowledge.

The translation is done whenever the packet traverses the router from the NAT inside interface to the NAT outside interface, or the other way round from the NAT outside interface to the NAT inside interface.  In many NAT implementations, there is no dynamic routing configured due to security restrictions in the network DMZ or at the network edge.  In this case, how would you know which routes you need to configure for the NAT to operate smoothly?  Do you need to have routing to the untranslated or translated address?  This is a source of confusion to many engineers new to networking and the topic I will focus on for this CCNA tutorial.

Network Address Translation - Outgoing Packet

NAT Inside To Outside

For packets going from the NAT inside to the NAT outside interface (local to global translation), when you check the Cisco order of operations guide, you will find that routing occurs before translation.  In this case, you’ll need a route for the untranslated network or address (in the above diagram, 196.168.100.1).  This can be added statically if no dynamic routing protocol is configured.

Network Address Translation - Incoming Packet

NAT Outside To Inside

For packets going from the NAT outside to the NAT inside interface (global to local translation), routing occurs only after translation.  In this case, you’ll need a route to the post-translation address (in this case 192.168.1.1), NOT the global address as you might expect.
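The two lookup orders described above can be modelled in a few lines. This is an added example, not code from the original article or from Cisco: the `NatRouter` class, the /24 prefixes, and the addresses 198.51.100.1 and 203.0.113.10 are constructed for illustration, and the model translates only the destination address.

```python
import ipaddress

class NatRouter:
    """Toy model of the two lookup orders; an illustration, not Cisco IOS code."""

    def __init__(self, routes, out_dst_map, in_dst_map):
        self.routes = {ipaddress.ip_network(p): ifc for p, ifc in routes.items()}
        self.out_dst_map = out_dst_map  # inside->outside: untranslated dst -> translated dst
        self.in_dst_map = in_dst_map    # outside->inside: global dst -> local dst

    def lookup(self, dst):
        """Longest-prefix match; None means no route, so the packet is dropped."""
        addr = ipaddress.ip_address(dst)
        hits = [net for net in self.routes if addr in net]
        if not hits:
            return None
        return self.routes[max(hits, key=lambda net: net.prefixlen)]

    def inside_to_outside(self, dst):
        # Routing happens first, on the untranslated destination; NAT follows.
        egress = self.lookup(dst)
        if egress is None:
            return ("drop", dst)
        return (egress, self.out_dst_map.get(dst, dst))

    def outside_to_inside(self, dst):
        # NAT happens first; routing then uses the post-translation address.
        local = self.in_dst_map.get(dst, dst)
        egress = self.lookup(local)
        if egress is None:
            return ("drop", local)
        return (egress, local)

# 196.168.100.1 and 192.168.1.1 are the article's addresses; the other two are constructed.
OUT_MAP = {"196.168.100.1": "198.51.100.1"}
IN_MAP = {"203.0.113.10": "192.168.1.1"}

# Static routes for the addresses the article says are needed (prefix lengths assumed).
good = NatRouter({"196.168.100.0/24": "outside", "192.168.1.0/24": "inside"}, OUT_MAP, IN_MAP)
# Common mistake: routes only for the translated and global addresses.
bad = NatRouter({"198.51.100.0/24": "outside", "203.0.113.0/24": "inside"}, OUT_MAP, IN_MAP)

if __name__ == "__main__":
    for name, router in (("good", good), ("bad", bad)):
        print(name, router.inside_to_outside("196.168.100.1"),
              router.outside_to_inside("203.0.113.10"))
```

With the `bad` route set, both directions drop the packet even though routes to the translated and global addresses exist, which is the misconfiguration the tutorial warns about.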

There are other aspects of the NAT order of operation that affect the NAT configuration, but routing is by far the most important for a functional NAT configuration.  Some other parts of the NAT process, such as when the ACLs are checked, are also important, and I’ll cover this in a future article.

I hope this CCNA tutorial has helped improve your knowledge of NAT for the CCNA and beyond.

Cheers,
Francis (@savvynetcert)

CCNA Network Engineer Tips – An Overview Of Using The OSI Model For Troubleshooting

For any CCNA network engineer, the 7-layer OSI (Open System Interconnection) model can be said to be the most important reference model for networking communications today.  It’s essential to have a good understanding of the OSI model so you can have a common frame of reference with other network engineers in your organization and even elsewhere outside your organization, for example, with service providers and even application developers.

The OSI model is also extremely useful as a basis for network troubleshooting.  One way to do this is to isolate problems and troubleshoot from Layer 1 up to Layer 7.  This is slightly out of the scope of the CCNA exam but it’s still important to know this for practical day to day troubleshooting.  Here is a short overview of what possible issues can happen at the first 3 layers:

  1. Physical Layer (Layer 1) – At the physical layer, it’s possible to have some issues with the transmission media.  This includes faulty, malfunctioning or improperly terminated cable, or even something wrong with the switch hardware.  There could also be very low-level errors from the switch or other active media such as signaling or buffering issues.
  2. Data Link Layer (Layer 2) – The most common layer 2 protocol is Ethernet.  In an Ethernet network, problems that can occur in the data link layer include misconfiguration of the switch leading to spanning tree loops, broadcast storms as well as other frame forwarding and switching problems.  It is usually quite difficult to troubleshoot issues at layer 2 when they occur, and the convergence time for the spanning tree makes this even more complicated.
  3. Network Layer (Layer 3) – Since the majority of networks these days are running IP, the network layer is also commonly referred to as the IP layer, due to the fact that IP addresses reside at this layer.  The most common issues at this layer are routing-related problems, due to incorrectly configured dynamic protocols or misconfigured static routes.  Problems at layer 3 are usually easier to isolate when compared to layer 2 issues, however, the potential impact of a routing issue is very high.  If a bad route is inserted into the network and this is redistributed across the entire network, the results could be devastating.

I’ll focus on network issues that can happen at layer 4 in a future article.  Be sure to subscribe to my RSS feed and follow me on twitter so you don’t miss anything!

Cheers,
Francis (SavvyNetCert.Com)
