大家好,又和大家见面了,在互联网发展的这个飞速时代,在互联网的广泛普及,中国网民人数以日剧增,中国IPv4地址成了稀缺的“抢手货”,两三年后将没有新的IP地址可以再申请。业内专家表示,目前中国有网民3.38亿,现在差不多一个半到两个网民共享一个IP地址。眼下,并非所有人都同时上网,所以还不会感觉有什么大问题。但按照目前分配的速度,两三年后可能面临IP地址枯竭,如果不及时解决,网络将会常常“塞车”。在IPV6没有到来的时代里,眼下我们用什么办法缓解IP的问题,通过今天的实验解决这个问题
 
注意:左边的路由为R1 ,右边的路由为R2。PC分别是从左到右为PC1-PC4
 
 

 
企业《网络地址转换NAT》高级配置_第1张图片
 
 
 

实验目的:
1将R1上PC1和PC2的私网地址静态映射成公网地址.(一对一的转换)
2然后将R1连接的内网网段用动态转换出去.(动态转换)
3将R1连接的内网用PAT发布出去.(端口多路复用技术)
测试:
测试联通性验证NAT配置,配置时开启debug查看转换信息
 
调试命令:
show ip nat translations
show ip nat statistics
 
实验步骤:
(1)将R1上PC1和PC2的私网地址静态映射成公网地址
注意:这里的配置是一个公网地址对一个私网地址
 
给所有的PC和路由器配置IP地址
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R1
R1(config)#no ip routing
R1(config)#int s0/0
R1(config-if)#ip add 192.168.1.2 255.255.255.0
R1(config-if)#no sh
R1(config-if)#ip default-gateway 192.168.1.4
R1(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 192.168.1.2 YES manual up up
 
Serial0/1 unassigned YES unset administratively down down
 
Serial0/2 unassigned YES unset administratively down down
 
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R2
R2(config)#no ip routing
R2(config)#int s0/0
R2(config-if)#ip add 192.168.2.3 255.255.255.0
R2(config-if)#no sh
R2(config-if)#ip default-gateway 192.168.2.5
R2(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 192.168.2.3 YES manual up down
 
Serial0/1 unassigned YES unset administratively down down
 
Serial0/2 unassigned YES unset administratively down down
 
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R3
R3(config)#no ip routing
R3(config)#int s0/0
R3(config-if)#ip add 172.16.1.1 255.255.255.0
R3(config-if)#no sh
R3(config-if)#ip default-gateway 172.16.1.2
R3(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 172.16.1.1 YES manual up down
 
Serial0/1 unassigned YES unset administratively down down
 
Serial0/2 unassigned YES unset administratively down down
 
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R4
R4(config)#no ip routing
R4(config)#int s0/0
R4(config-if)#ip add 172.16.2.1 255.255.255.0
R4(config-if)#no sh
R4(config-if)#ip default-gateway 172.16.2.2
R4(config)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 172.16.2.1 YES manual up down
 
Serial0/1 unassigned YES unset administratively down down
 
Serial0/2 unassigned YES unset administratively down down
 
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R5
R5(config)#int s0/0
R5(config-if)#ip add 192.168.1.4 255.255.255.0
R5(config-if)#no sh
R5(config-if)#int s0/1
R5(config-if)#ip add 192.168.2.5 255.255.255.0
R5(config-if)#no sh
R5(config-if)#int s0/2
R5(config-if)#ip add 10.0.0.1 255.255.255.0
R5(config-if)#no sh
R5(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 192.168.1.4 YES manual up up
 
Serial0/1 192.168.2.5 YES manual up up
 
Serial0/2 10.0.0.1 YES manual up up
 
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R6
R6(config)#int s0/0
R6(config-if)#ip add 172.16.1.2 255.255.255.0
R6(config-if)#no sh
R6(config-if)#int s0/1
R6(config-if)#ip add 172.16.2.2 255.255.255.0
R6(config-if)#no sh
R6(config)#int s0/2
R6(config-if)#ip add 10.0.0.2 255.255.255.0
R6(config-if)#no sh
R6(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 172.16.1.2 YES manual up up
 
Serial0/1 172.16.2.2 YES manual up up
 
Serial0/2 10.0.0.2 YES manual up up
 
Serial0/3 unassigned YES unset administratively down down
 
配置静态NAT
R5(config)#ip nat inside source static 192.168.1.2 10.0.0.3
R5(config)#ip nat inside source static 192.168.2.3 10.0.0.4
R5(config)#int s0/0
R5(config-if)#ip nat inside
R5(config-if)#int s0/1
R5(config-if)#ip nat inside
R5(config)#int s0/2
R5(config-if)#ip nat outside
R6(config)#ip nat inside source static 172.16.1.1 10.0.0.5
R6(config)#ip nat inside source static 172.16.2.1 10.0.0.6
R6(config)#int s0/0
R6(config-if)#ip nat inside
R6(config-if)#int s0/1
R6(config-if)#ip nat inside
R6(config-if)#int s0/2
R6(config-if)#ip nat outside
R1#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 128/327/1076 ms
R1#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 432/714/1268 ms
R2#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/218/464 ms
R2#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 264/513/720 ms
R3#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 520/743/1184 ms
R3#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/256/528 ms
R4#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 476/595/720 ms
R4#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 92/194/288 ms
 
 
实验2)将R1连接的内网网段用动态转换出去.
这里是:比如你申请了多个公网IP的时候,可以做一个地址池,让地址池里面的IP轮流为你的内网的IP做转换
 
动态NAT的配置
企业《网络地址转换NAT》高级配置_第2张图片
配置IP地址
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R1
R1(config)#no ip routing
R1(config)#int s0/0
R1(config-if)#ip add 192.168.1.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#ip default-gateway 192.168.1.10
R1(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 192.168.1.1 YES manual up up
Serial0/1 unassigned YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R2
R2(config)#no ip routing
R2(config)#int s0/0
R2(config-if)#ip add 192.168.2.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#ip default-gateway 192.168.2.20
R2(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 192.168.2.2 YES manual up up
Serial0/1 unassigned YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R3
R3(config)#no ip routing
R3(config)#int s0/0
R3(config-if)#ip add 192.168.3.3 255.255.255.0
R3(config-if)#no sh
R3(config-if)#ip default-gateway 192.168.3.30
R3(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 192.168.3.3 YES manual up up
Serial0/1 unassigned YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R4
R4(config)#no ip routing
R4(config)#int s0/0
R4(config-if)#ip add 172.16.1.1 255.255.255.0
R4(config-if)#no sh
R4(config-if)#ip default-gateway 172.16.1.10
R4(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 172.16.1.1 YES manual up up
Serial0/1 unassigned YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R5
R5(config)#no ip routing
R5(config)#int s0/0
R5(config-if)#ip add 172.16.2.2 255.255.255.0
R5(config-if)#no sh
R5(config-if)#ip default-gateway 172.16.2.20
R5(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 172.16.2.2 YES manual up up
Serial0/1 unassigned YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R6
R6(config)#no ip routing
R6(config)#int s0/0
R6(config-if)#ip add 172.16.3.3 255.255.255.0
R6(config-if)#no sh
R6(config-if)#ip default-gateway 172.16.3.30
R6#show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 172.16.3.3 YES manual up up
Serial0/1 unassigned YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R7
R7(config)#int s0/0
R7(config-if)#ip add 192.168.1.10 255.255.255.0
R7(config-if)#no sh
R7(config-if)#int s0/1
R7(config-if)#ip add 192.168.2.20 255.255.255.0
R7(config-if)#no sh
R7(config-if)#int s0/2
R7(config-if)#ip add 192.168.3.30 255.255.255.0
R7(config-if)#no sh
R7(config-if)#int s0/3
R7(config-if)#ip add 10.0.0.1 255.255.255.0
R7(config-if)#no sh
R7(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 192.168.1.10 YES manual up up
Serial0/1 192.168.2.20 YES manual up up
Serial0/2 192.168.3.30 YES manual up up
Serial0/3 10.0.0.1 YES manual up up
R7(config)#access-list 1 permit 192.168.1.0 0.0.0.255
R7(config)#access-list 1 permit 192.168.2.0 0.0.0.255
R7(config)#access-list 1 permit 192.168.3.0 0.0.0.255
R7(config)#$ 2t33 10.0.0.3 10.0.0.4 netmask 255.255.255.0 type rotary
R7(config)#ip nat inside source list 1 pool 2t33
R7(config)#int s0/0
R7(config-if)#ip nat inside
R7(config-if)#int s0/1
R7(config-if)#ip nat inside
R7(config-if)#int s0/2
R7(config-if)#ip nat inside
R7(config-if)#int s0/3
R7(config-if)#ip nat outside
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
Router(config)#ho R8
R8(config)#int s0/0
R8(config-if)#ip add 172.16.1.10 255.255.255.0
R8(config-if)#no sh
R8(config-if)#int s0/1
R8(config-if)#ip add 172.16.2.20 255.255.255.0
R8(config-if)#no sh
R8(config-if)#int s0/2
R8(config-if)#ip add 172.16.3.30 255.255.255.0
R8(config-if)#no sh
R8(config-if)#int s0/3
R8(config-if)#ip add 10.0.0.2 255.255.255.0
R8(config-if)#no sh
R8(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 172.16.1.10 YES manual up up
Serial0/1 172.16.2.20 YES manual up up
Serial0/2 172.16.3.30 YES manual up up
Serial0/3 10.0.0.2 YES manual up up
R8(config)#access-list 1 permit 172.16.1.0 0.0.0.255
R8(config)#access-list 1 permit 172.16.2.0 0.0.0.255
R8(config)#access-list 1 permit 172.16.3.0 0.0.0.255
R8(config)#ip nat pool huzong 10.0.0.5 10.0.0.6 net
R8(config)#$ huzong 10.0.0.5 10.0.0.6 netmask 255.255.255.0 type rotary
R8(config)#ip nat inside source list 1 pool huzong
R8(config)#int s0/0
R8(config-if)#ip nat inside
R8(config-if)#int s0/1
R8(config-if)#ip nat inside
R8(config-if)#int s0/2
R8(config-if)#ip nat inside
R8(config-if)#int s0/3
R8(config-if)#ip nat outside
 
测试连通性
R1#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 268/399/576 ms
R1#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 432/633/864 ms
R1#ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 236/306/432 ms
R1#ping 10.0.0.4
Type escape sequence to abort.!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 288/406/576 ms
R1#ping 10.0.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 784/905/1008 ms
R1#ping 10.0.0.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 820/912/1008 m
R2#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 76/216/288 ms
R2#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 576/652/720 ms
R2#ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/268/432 ms
R2#ping 10.0.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 288/361/512 ms
R2#ping 10.0.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 688/944/1296 ms
R2#ping 10.0.0.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 824/913/1008 ms
PC3#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 288/355/480 ms
PC3#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 388/567/720 ms
PC3#ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1008/1202/1296 ms
PC3#ping 10.0.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 988/1205/1440 ms
PC3#ping 10.0.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 764/988/1296 ms
PC3#ping 10.0.0.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.6, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R4#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 576/696/744 ms
R4#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 288/320/432 ms
R4#ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 632/932/1152 ms
R4#ping 10.0.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 864/925/1152 ms
R4#ping 10.0.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1184/1302/1440 ms
R4#ping 10.0.0.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1104/1315/1440 ms
R5#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 292/490/576 ms
R5#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 108/271/432 ms
R5#ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 588/924/1296 ms
R5#ping 10.0.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 488/846/1008 ms
R5#ping 10.0.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 988/1119/1152 ms
R5#ping 10.0.0.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 996/1178/1296 ms
R6#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 388/596/720 ms
R6#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 200/303/452 ms
R6#ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 864/919/1140 ms
R6#ping 10.0.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 860/892/1008 ms
R6#ping 10.0.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 796/1138/1296 ms
R6#ping 10.0.0.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.6, timeout is 2 seconds:
....
 
 
实验3)将R1连接的内网用PAT发布出去.
端口多路复用技术,通过区分端口,是内网所有用户通过一个公网IP上网
企业《网络地址转换NAT》高级配置_第3张图片
R1>en
R1#config t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#no ip domain-lookup
R1(config)#line console 0
R1(config-line)#no exec-t
R1(config-line)#logg s
R1(config-line)#exit
R(config)#ho R1
R1(config)#no ip routing
R1(config)#int s0/0
R1(config-if)#ip add 192.168.1.2 255.255.255.0
R1(config-if)#no sh
R1(config-if)#ip default-gateway 192.168.1.4
R1(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 192.168.1.2 YES manual up up
Serial0/1 unassigned YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
R(config)#ho R2
R2(config)#no ip routing
R2(config)#int s0/0
R2(config-if)#ip add 192.168.2.3 255.255.255.0
R2(config-if)#no sh
R2(config-if)#ip default-gateway 192.168.2.5
R2(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 192.168.2.3 YES manual up up
Serial0/1 unassigned YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
R(config)#ho R3
R3(config)#no ip routing
R3(config)#int s0/0
R3(config-if)#ip add 172.16.1.1 255.255.255.0
R3(config-if)#no sh
R3(config-if)#ip default-gateway 172.16.1.2
R3(config)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 172.16.1.1 YES manual up down
Serial0/1 unassigned YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
R(config)#ho R4
R4(config)#no ip routing
R4(config)#int s0/0
R4(config-if)#ip add 172.16.2.1 255.255.255.0
R4(config-if)#no sh
R4(config-if)#ip default-gateway 172.16.2.2
R4(config)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 172.16.2.1 YES manual up up
Serial0/1 unassigned YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
Serial0/3 unassigned YES unset administratively down down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
R(config)#ho R5
R5(config)#int s0/0
R5(config-if)#ip add 192.168.1.4 255.255.255.0
R5(config-if)#no sh
R5(config-if)#int s0/1
R5(config-if)#ip add 192.168.2.5 255.255.255.0
R5(config-if)#no sh
R5(config-if)#int s0/2
R5(config-if)#ip add 10.0.0.1 255.255.255.0
R5(config-if)#no sh
R5(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 192.168.1.4 YES manual up up
Serial0/1 192.168.2.5 YES manual up up
Serial0/2 10.0.0.1 YES manual up up
Serial0/3 unassigned YES unset administratively down down
R5(config)#access-list 10 permit 192.168.1.0 0.0.0.255
R5(config)#access-list 10 permit 192.168.2.0 0.0.0.255
R5(config)#ip nat pool onlyone 10.0.0.3 10.0.0.3 netmask 255.255.255.0
R5(config)#ip nat inside source list 10 pool onlyone overload
R5(config)#int s0/0
R5(config-if)#ip nat inside
R5(config-if)#int s0/1
R5(config-if)#ip nat inside
R5(config-if)#int s0/2
R5(config-if)#ip nat outside
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain-lookup
Router(config)#line console 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#exit
R(config)#ho R6
R6(config)#int s0/0
R6(config-if)#ip add 172.16.1.2 255.255.255.0
R6(config-if)#no sh
R6(config-if)#int s0/1
R6(config-if)#ip add 172.16.2.2 255.255.255.0
R6(config-if)#no sh
R6(config-if)#int s0/2
R6(config-if)#ip add 10.0.0.2 255.255.255.0
R6(config-if)#do show ip int b
Interface IP-Address OK? Method Status Prot
ocol
Serial0/0 172.16.1.2 YES manual up up
Serial0/1 172.16.2.2 YES manual up up
Serial0/2 10.0.0.2 YES manual up up
Serial0/3 unassigned YES unset administratively down down
R6(config)#access-list 10 permit 172.16.1.0 0.0.0.255
R6(config)#access-list 10 permit 172.16.2.0 0.0.0.255
R6(config)#ip nat pool onlyone 10.0.0.4 10.0.0.4 netmask 255.255.255.0
R6(config)#ip nat inside source list 10 pool onlyone overload
R6(config)#int s0/0
R6(config-if)#ip nat inside
R6(config-if)#int s0/1
R6(config-if)#ip nat inside
R6(config-if)#int s0/2
R6(config-if)#ip nat outside
测试连通性
 
R1#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/223/288 ms
 
R1#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 348/616/720 ms
 
R1#ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 260/311/424 ms
R1#ping 10.0.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
 
 
R2#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 284/295/328 ms
 
R2#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 432/602/720 ms
 
R2#ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 136/196/288 ms
 
R2#ping 10.0.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
 
R3#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 552/571/576 ms
 
R3#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 144/336/432 ms
 
R3#ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 864/924/1024 ms
 
R3#ping 10.0.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1060/1176/1296 ms
 
R4#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 488/587/720 ms
 
R4#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 116/279/432 ms
 
R4#ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 576/636/720 ms
 
R4#ping 10.0.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1152/1216/1296 ms
 
 
   好了整个实验的配置过程完成了,实验比较简单,主要理解这三种常用NAT技术的转换方式以及工作原理,大家如果有问题就提出来,我会随时关注大家的
 
您的支持是我最大的动力