PAT: port assignment

i'm confused

check this
scenario..

If i have two machines, A and B

A 10.10.10.25:1032
B 10.10.10.29:1032

and have only one Public IP addr: 200.56.36.24
and PAT already config,
then if A tries to establish a session with a remote machine, the router will translate the A ip addr to 200.56.36.24 using port 1032 because PAT attempts to preserve the original port, so , if B is bieng translated What port will PAT assign to it?

1033
or 1024 (if free) because is the first available of that range of addresses (1024-65535)

thnks everybody!!!

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

!30

@hectorjhrdz , it's simple man , let'e explain to you.

let's supose you have to machine like you said , 10.10.10.25 and 10.10.10.25 .

and the public IP of the router.. external interface ( to ISP ) , 200. like you sayed and so on so fort you confured PAT on your router.

The problem is that , machine A per example , 10.10.10.25 , won't have default a prot asigned to it , like you sayed.But when it will establised a remote conenction , router will give it a port ( it's diferent , like the port's we know , are used for trasnalation betwen multiple Ip addreses , private one) , so remote host will know to use port 1023 for machine A.
When machine B will try to establihe a connecton , it will get the next port and make the connection m like 1024.The roter will try to preserve these prot's like you saied and there qwill be no problem.

I don't udnerstand your probleme ( it will use the next port free , that is not already preserved to another comptuer for PAT trasnaltion , before restarting the router ).

I think this is what you want to know ( these port's are diferent from the ports like 23 for Telent , or 53 for DNS , are use for trasnaltion of the source and destination header , the header will be a bit modified .. ).

Cheer's !

forbesl

Here's Cisco's answer:

Cisco IOS Network Address Translation Overview

!30

He was asking about PAT altough :P

mikej412

!30 wrote:

He was asking about PAT altough :P

PAT is a subset of NAT -- which is mentioned in the sentence before the answer to the original question which is contained in that link forbesl provided.

lwwarner

Also here:

Q. How does PAT work?

And probably a couple of other locations scattered around cisco.com...

mikej412

lwwarner wrote:

Also here:

That link might be better -- doesn't have the typo for the port ranges... the 0-5111 in the first link should be 0-511 as in your link.

At the bottom of lots of the Cisco Doc pages are links for more or related information -- there is lots of good stuff on Cisco. Plus they have the page rating/comment links on the left where you can report typos!

!30

you could try here to , I'm sure he will find :

Google is your friend asking it for PAT .

I know what PAT is

hectorjhrdz

no,no,no,no,no,no!!!!!

you didn't pay any attention !30!!!!!!

look:

if A 10.10.10.2:1034 (port assigned by pc)

then due to PAT

> 200.56.36.24:1034
(port preservation!!!!!!! )

B 10.10.10.56:1034 PAT

> 200.56.36.24:1024 ...if free

if not 1025, if not 1026 if not 1027
and so on

lwwarner's recommendation was useful

"...If the requested source port is not available, NAT starts searching from the beginning of the relevant group. In this example starting at 1 for TCP or UDP applications and 0 for ICMP...."

thnks

!30

Maybe I was wrong but I payed attention.Don't yellow man , be calm : and look at what I was saying to you :

At first 10.10.10.2 ( this PC , having this IP , hasen't got any port ! ).Do you get me ? The pc , won't get itself a port , the router will.When this PC , will try to pass above the router , the router will take a port like 1023 , like you sayed and ( the router not the PC will try to preserve that port to that IP / PC ).Do you get me ?
Let's take another example , when PC 2 , like 10.10.10.15 will try to get above the router , on the internet , it won't have any port assigned ( but the router will , and try to preserve , not the PC , assgines the port NAT & PAT port , just the router does ).

When 10.10.10.2 will try to get again on the internet , or to receive some data from the remote host the router will know ( coz it preserve that port for PAT ) and take the data to the right internal/private IP.

Something like source port like computer 1 10.10.10.2 , using 1023 for comunicating with remote Web server X with destination port 80 ( or 8080 ) , it's a diferent thing with that port used for NAT trasnalation or PAT.

I'm wrong boy's , coz If I am I should revise my lesson's.

hectorjhrdz

!30

yes the router tries to preserve the port, i'm agree

you say:

"At first 10.10.10.2 ( this PC , having this IP , hasen't got any port ! ).Do you get me ? The pc , won't get itself a port , the router will."

The TCP/IP embedded on the pc ASSIGNS the port to the pc
not the router. then, if NAT (PAT)has been set on the router obviously it will assign a port to the pc.

"I'm wrong boy's , coz If I am I should revise my lesson's."

yes...

cheers

!30

When a computer on the inside network sends a packet to the outside network, we still want to hide its sender’s address. The PAT device replaces the inside IP address in the packet header’s source field (sender’s address) with the PAT device’s outside IP address. It then assigns the connection a port number from a pool of available ports, inserts this port number in the packet header source port field (the post office box number), and places the packet on the outside network. The NAT device then makes an entry in its translation table containing the inside IP address, inside source port, and outside port. Subsequent packets from the same connection on the inside IP address are translated to the same outside port number translation.

PAT device : router :

The TCP/IP embedded on the pc ASSIGNS the port to the pc
not the router. then

-TCP/IP embedded , assign's the TCP port or UDP port to the PC socket.The router or PAT device assgin's the PAT port.

try this : http://en.wikipedia.org/wiki/Port_address_translation

"I'm wrong boy's , coz If I am I should revise my lesson's."

yes...

-you shall learn and then make comment's !

And btw , in my other posts I was talking about NAT port's assgined by the router not about TCP/IP embeded port's , it's a big , big diference.
Cheer's !

hectorjhrdz

"-TCP/IP embedded , assign's the TCP port or UDP port to the PC socket.The router or PAT device assgin's the PAT port."

i wasn´t sayin' another thing
yes you was talkin about NAT, not PAT

oh my god take care with the things you post.

Cheers

!30

I was talking about PAT , I got the source from wikipedia.

NAT

oh my god take care with the things you post.

I explained you for the beggining , I was talking about PAT port's not TCP/Ip embeded ports..