Thanks for the explanation.
Hi Rene, first of all great lesson. However, on the last portion beneath the command of #show nat translations, it says "And as you can see host2 has been translated to IP address 192.168.2.11." It should be 192.168.23.11, right?
One more question. For the ip nat pool range creation, the prefix-length is the same as the subnet mask, correct? I am seeing in my Packet Tracer it wants the netmask command instead of the prefix-length at the end:
#ip nat pool MYPOOL 192.168.23.1 192.168.23.20 netmask 255.255.255.0
thanks!
Greg
Hello Greg
Yes, you are correct, thanks for catching that! I'll let @ReneMolenaar know to make the change…
You can specify the network to which this range belongs by using either the netmask keyword or the prefix-length keyword. Both do the same thing, they just indicate it in different ways. For example, the following two commands are identical:
ip nat pool MYPOOL 192.168.23.1 192.168.23.20 netmask 255.255.255.0
ip nat pool MYPOOL 192.168.23.1 192.168.23.20 prefix-length 24
More info about this command can be found at this Cisco command reference:
Because Packet Tracer is a simulator (and not an emulator) it does not have the full commands and feature sets that real devices have. For this reason, it seems that the designers considered it superfluous to have both the netmask and prefix-length keywords available.
I hope this has been helpful!
Laz
I think the IP address that host 2 is translated to is 192.168.23.11.
I have always been a bit confused by the prefix command at the end of the pool command.
I wondered why I only had 10 IP addresses but such a huge prefix-length. I thought I would mention what I discovered here.
When using Dynamic NAT you have two goals.
- You need an inside global (an IP that you translate to)
- You need to be in the same subnet as the router interfaces on that link.
So when the translation happens you will end up translating the IP address to some IP between 192.168.23.10-192.168.23.20 with a mask of /24
Hello Justin
Yes, you are correct, the lesson has a typo, and I'll let Rene know to make the correction.
Also, thanks for sharing your understanding of the prefix-length keyword. Indeed it is not used to define the range of addresses, since the range is clearly stated by the "start IP" and "end IP" addresses in the ip nat pool command. The prefix length does indeed indicate the mask of the translated address to determine if a packet needs to be sent directly to the host (if it is in the same subnet) or to the next hop router (if it is in a different subnet).
I will create a new NetworkLessons note soon that describes this and I will reference your post.
Thanks so much!
Laz
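Added example (not part of the thread or the lesson): a Python check that parses `ip nat pool` lines, shows that the netmask and prefix-length forms quoted above normalize to the same network, and reports that the pool size is set by the start and end addresses rather than by the mask. The helper name `parse_nat_pool` and the BADPOOL line are constructed for illustration.

```python
import ipaddress
import re

# The two commands quoted in the thread, plus one constructed bad line.
PAGE_COMMANDS = [
    "ip nat pool MYPOOL 192.168.23.1 192.168.23.20 netmask 255.255.255.0",
    "ip nat pool MYPOOL 192.168.23.1 192.168.23.20 prefix-length 24",
]
CONSTRUCTED_BAD = "ip nat pool BADPOOL 192.168.23.250 192.168.24.5 prefix-length 24"

POOL_RE = re.compile(
    r"^\s*ip nat pool (?P<name>\S+) (?P<start>\S+) (?P<end>\S+) "
    r"(?P<kw>netmask|prefix-length) (?P<mask>\S+)\s*$"
)


def parse_nat_pool(line):
    """Normalize one 'ip nat pool' line (hypothetical helper, not an IOS API)."""
    m = POOL_RE.match(line)
    if not m:
        raise ValueError(f"not an 'ip nat pool' command: {line!r}")
    # prefix-length takes a bit count, netmask takes a dotted mask.
    if (m["kw"] == "prefix-length") != m["mask"].isdigit():
        raise ValueError(f"{m['kw']} does not fit the value {m['mask']}")
    start = ipaddress.IPv4Address(m["start"])
    end = ipaddress.IPv4Address(m["end"])
    if end < start:
        raise ValueError("end address is lower than start address")
    # Either notation yields the same network object.
    network = ipaddress.IPv4Network(f"{start}/{m['mask']}", strict=False)
    if end not in network:
        raise ValueError(f"{end} is outside {network}")
    return {
        "name": m["name"],
        "network": network,
        # Pool size comes from start/end; the mask only names the subnet.
        "pool_size": int(end) - int(start) + 1,
        "subnet_size": network.num_addresses,
    }


if __name__ == "__main__":
    for cmd in PAGE_COMMANDS + [CONSTRUCTED_BAD]:
        try:
            print(parse_nat_pool(cmd))
        except ValueError as exc:
            print(f"rejected: {exc}")
```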
Hello Justin
Here's the NetworkLessons note on the prefix-length keyword at the end of the nat pool command.
Thanks for your input!
Laz
Hi Rene, I am unable to show NAT translation and unable to ping between Host-Web. What did I do wrong?
Hello Amran
From the information you have shared here, I don't see any reason for this not to work. The only difference you have from the lesson is that you are using the netmask instead of prefix-length keyword, but in both cases, the result is the same. (Take a look at this NetworkLessons note about how the prefix-length keyword is used with NAT for more info.)
I hope this has been helpful!
Laz