chapter11:网络地址转换（NAT）

一、网络地址转换类型：以下命令都需应用在端口上：

                                                R1<config-if>#in nat inside/outside

        1.静态NAT：

   eg:R1<config>#ip nat inside source static 192.168.0.10 121.14.105.8

        2.动态NAT:

   eg:R1<config>#ip nat pool teleepoch 121.14.105.8 121.14.105.16 netmask 255.255.255.248

        R1<config>#access-list 1 permit 192.168.0.0 0.0.0.255 

        R1<config>#ip nat inside source list 1 pool teleepoch

        3.复用:

   eg:R1<config>#ip nat pool teleepoch 121.14.105.8 121.14.105.8 netmask 255.255.255.252

        R1<config>#access-list 1 permit 192.168.0.0 0.0.0.255 

        R1<config>#ip nat inside source list 1 pool teleepoch  overload

 

二、NAT术语：

        1.内部本地地址

        2.外部本地地址

        3.内部全局地址

        4.外部全局地址

 

三、NAT的简单验证：

        1.R1#show ip nat translation

        2.R1#debug ip nat

        3.R1<config>#clear ip nat translation(清除动态NAT条目)

        4.R1<config>#ip nat translation max-entries(限制NAT条目的数量)

        5.R1#show ip nat statistics(查看NAT配置的汇总情况)

        6.R1<config>#ip nat translation timeout 86400(这是默认的动态条目计时器:一天)