PacketTracer网络地址转换NAT配置实验.docx
《PacketTracer网络地址转换NAT配置实验.docx》由会员分享,可在线阅读,更多相关《PacketTracer网络地址转换NAT配置实验.docx(9页珍藏版)》请在冰豆网上搜索。
PacketTracer网络地址转换NAT配置实验
网络地址转换NAT配置
一、实验目标
理解NAT网络地址转换的原理及功能;
掌握静态NAT的配置,实现局域网访问互联网;
二、实验背景
公司欲发布WWW服务,现要求将内网Web服务器IP地址映射为全局IP地址,实现外部网络可访问公司内部Web服务器。
三、技术原理
网络地址转换NAT(NetworkAddressTranslation),被广泛应用于各种类型Internet接入方式和各种类型的网络中。
原因很简单,NAT不仅完美解决了IP地址不足的问题,而且还能够有效地避免来自网络外部的攻击,隐藏并保护网络内部的计算机。
默认情况下,内部IP地址是无法被路由到外网的,内部主机10.1.1.1要与外部internet通信,IP包到达NAT路由器时,IP包头的源地址被替换成一个合法的外网IP,并在NAT转换表中保存这条记录。
当外部主机发送一个应答到内网时,NAT路由器收到后,查看当前NAT转换表,用替换掉这个外网地址。
NAT将网络划分为内部网络和外部网络两部分,局域网主机利用NAT访问网络时,是将局域网内部的本地地址转换为全局地址(互联网合法的IP地址)后转发数据包。
NAT分为两种类型:
NAT(网络地址转换)和NAPT(网络端口地址转换IP地址对应一个全局地址)。
静态NAT:
实现内部地址与外部地址一对一的映射。
现实中,一般都用于服务器;
动态NAT:
定义一个地址池,自动映射,也是一对一的。
现实中,用得比较少;
NAPT:
使用不同的端口来映射多个内网IP地址到一个指定的外网IP地址,多对一。
四、实验步骤
实验拓扑
1、R1为公司出口路由器,其与外部路由之间通过电缆串口连接,DCE端连接在R2上,配置其时钟频率为64000;
2、配置PC机、服务器及路由器接口IP地址;
3、在各路由器上配置静态路由协议,让PC间能相互ping通;
4、在R1上配置静态NAT;
5、在R1上定义内外部网络接口;
6、验证主机之间的互通性。
R1:
Router>en
Router#conft
Enterconfigurationcommands,oneperline.EndwithCNTL/Z.
Router(config)#hostnameR1
R1(config)#intfa0/0
R1(config-if)#ipadd
R1(config-if)#noshut
%LINK-5-CHANGED:
InterfaceFastEthernet0/0,changedstatetoup
%LINEPROTO-5-UPDOWN:
LineprotocolonInterfaceFastEthernet0/0,changedstatetoup
R1(config-if)#exit
R1(config)#ints2/0
R1(config-if)#ipadd
R1(config-if)#noshut
%LINK-5-CHANGED:
InterfaceSerial2/0,changedstatetodown
R1(config-if)#
%LINK-5-CHANGED:
InterfaceSerial2/0,changedstatetoup
%LINEPROTO-5-UPDOWN:
LineprotocolonInterfaceSerial2/0,changedstatetoup
R1(config-if)#
R1(config-if)#
R1(config-if)#exit
R1(config)#iproute0
EndwithCNTL/Z.
R1(config)#intfa0/0
R1(config-if)#?
arpSetarptype(arpa,probe,snap)ortimeout
bandwidthSetbandwidthinformationalparameter
cdpCDPinterfacesubcommands
cryptoEncryption/Decryptioncommands
custom-queue-listAssignacustomqueuelisttoaninterface
delaySpecifyinterfacethroughputdelay
descriptionInterfacespecificdescription
duplexConfigureduplexoperation.
exitExitfrominterfaceconfigurationmode
fair-queueEnableFairQueuingonanInterface
hold-queueSetholdqueuedepth
ipInterfaceInternetProtocolconfigcommands
mac-addressManuallysetinterfaceMACaddress
mtuSettheinterfaceMaximumTransmissionUnit(MTU)
noNegateacommandorsetitsdefaults
priority-groupAssignaprioritygrouptoaninterface
service-policyConfigureQoSServicePolicy
shutdownShutdowntheselectedinterface
speedConfigurespeedoperation.
tx-ring-limitConfigurePAleveltransmitringlimit
zone-memberApplyzonename
R1(config-if)#ip?
access-groupSpecifyaccesscontrolforpackets
addressSettheIPaddressofaninterface
hello-intervalConfiguresIP-EIGRPhellointerval
helper-addressSpecifyadestinationaddressforUDPbroadcasts
inspectApplyinspectname
ipsCreateIPSrule
mtuSetIPMaximumTransmissionUnit
natNATinterfacecommands
ospfOSPFinterfacecommands
split-horizonPerformsplithorizon
summary-addressPerformaddresssummarization
virtual-reassemblyVirtualReassembly
R1(config-if)#ipnat?
insideInsideinterfaceforaddresstranslation
outsideOutsideinterfaceforaddresstranslation
R1(config-if)#ipnatinside?
R1(config-if)#ipnatinside
R1(config-if)#exit
R1(config)#ints2/0
R1(config-if)#ipnatoutside?
R1(config-if)#ipnatoutside
R1(config-if)#exit
R1(config)#
R1#
R1#
R1#conft
Enterconfigurationcommands,oneperline.EndwithCNTL/Z.
R1(config)#ip?
access-listNamedaccess-list
default-networkFlagsnetworksascandidatesfordefaultroutes
dhcpConfigureDHCPserverandrelayparameters
domainIPDNSResolver
domain-lookupEnableIPDomainNameSystemhostnametranslation
domain-nameDefinethedefaultdomainname
forward-protocolControlsforwardingofphysicalanddirectedIPbroadcasts
hostAddanentrytotheiphostnametable
name-serverSpecifyaddressofnameservertouse
natNATconfigurationcommands
routeEstablishstaticroutes
tcpGlobalTCPparameters
R1(config)#ipnat?
insideInsideaddresstranslation
outsideOutsideaddresstranslation
poolDefinepoolofaddresses
R1(config)#ipnatinside?
sourceSourceaddresstranslation
R1(config)#ipnatinsidesource?
listSpecifyaccesslistdescribinglocaladdresses
staticSpecifystaticlocal->globalmapping
R1(config)#ipnatinsidesourcestatic?
InsidelocalIPaddress
tcpTransmissionControlProtocol
udpUserDatagramProtocol
R1(config)#ipnatinsidesourcestatic?
InsideglobalIPaddress
R1(config)#ipnatinsidesourcestatic?
R1(config)#ipnatinsidesourcestatic.
Currentconfiguration:
753bytes
!
version
noservicetimestampslogdatetimemsec
noservicetimestampsdebugdatetimemsec
noservicepassword-encryption
!
hostnameR1
!
...
!
interfaceFastEthernet0/0
ipaddress
ipnatinside
duplexauto
speedauto
!
interfaceFastEthernet1/0
noipaddress
duplexauto
speedauto
shutdown
!
interfaceSerial2/0
ipaddress
ipnatoutside
!
interfaceSerial3/0
noipaddress
shutdown
!
interfaceFastEthernet4/0
noipaddress
shutdown
!
interfaceFastEthernet5/0
noipaddress
shutdown
!
ipnatinsidesourcestatic
ipclassless
iproute
!
...
!
linecon0
linevty04
login
!
end
R1#
R2:
Router>
Router>en
Router#conft
Enterconfigurationcommands,oneperline.EndwithCNTL/Z.
Router(config)#hostnameR2
R2(config)#intfa0/0
R2(config-if)#ipaddshut
%LINK-5-CHANGED:
InterfaceFastEthernet0/0,changedstatetoup
%LINEPROTO-5-UPDOWN:
LineprotocolonInterfaceFastEthernet0/0,changedstatetoup
R2(config-if)#exit
R2(config)#ints2/0
R2(config-if)#ipaddshut
%LINK-5-CHANGED:
InterfaceSerial2/0,changedstatetoup
R2(config-if)#clockrate64000
R2(config-if)#
%LINEPROTO-5-UPDOWN:
LineprotocolonInterfaceSerial2/0,changedstatetoup
R2(config-if)#
R2(config-if)#
R2(config-if)#exit
R2(config)#iprouteConfiguredfromconsolebyconsole
R2#showiproute
Codes:
C-connected,S-static,I-IGRP,R-RIP,M-mobile,B-BGP
D-EIGRP,EX-EIGRPexternal,O-OSPF,IA-OSPFinterarea
N1-OSPFNSSAexternaltype1,N2-OSPFNSSAexternaltype2
E1-OSPFexternaltype1,E2-OSPFexternaltype2,E-EGP
i-IS-IS,L1-IS-ISlevel-1,L2-IS-ISlevel-2,ia-IS-ISinterarea
*-candidatedefault,U-per-userstaticroute,o-ODR
P-periodicdownloadedstaticroute
Gatewayoflastresortisnotset
S[1/0]viaisdirectlyconnected,Serial2/0
Cisdirectlyconnected,FastEthernet0/0
R2#
PC1:
PacketTracerPCCommandLine
PC>ipconfig
IPAddress......................:
Mask.....................:
Gateway.................:
with32bytesofdata:
Requesttimedout.
Replyfrombytes=32time=19msTTL=126
Replyfrombytes=32time=17msTTL=126
Replyfrombytes=32time=15msTTL=126
PingstatisticsforPackets:
Sent=4,Received=3,Lost=1(25%loss),
Approximateroundtriptimesinmilli-seconds:
Minimum=15ms,Maximum=19ms,Average=17ms
PC>
PC1-WEB:
升级会员 