Using "overload" command with PAT

Hey guys

So i noticed in one of my books, they were setting up dynamic NAT. But then they used the command "overload" when they have pool of 3+ public IP's

Is this correct? Can you use a pool of multiple public IP's and still use the overload command? Or is that only done when you only have one public IP?

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

streetking

You can totally use a pool of public ip to do dynamic nat. Heck you will have to if you have thousands of hosts that have Internet access because you will eventually run out of ports for natting. Imagine you have one host that opens a website and the browser issued double digits amount of http get requests because the site links its content here and there. How many hosts will it take to saturate 65535 minus1024 natted ports and everyone starts dropping sessions prematurely?

Codeman6669

Totally make since, thanks for responding.
For some reason my **** teacher told us you only use PAT with a single public IP. I sometimes wish i had just bought the book and studied rather than taking his class.

Thanks again!!

RouteMyPacket

And your teacher is right, go back and read the definitions of NAT and PAT.

NAT

ip nat pool NAT 192.168.10.1 192.168.10.25 prefix 24
ip nat inside source list 1 pool NAT

or

PAT

ip nat pool NAT 192.168.10.1 192.168.10.1 prefix 24
ip nat inside source list 1 pool NAT overload

Of course there is more configs involved but these two show the difference