NAT/PAT Clarification required please

Hi,

Can anybody help me to clearly define what the difference is between the following:

Inside Global / Inside Local
Outside Local / Outside Global

I remember being slightly confused after doing the CCENT, but im still finding it difficult to remember now when taking the CCNA.

Does anybody have a nice explanation or a simple diagram that highlights the interfaces that each of these relate to?

Is this correct?

Many THanks
Nick

Find more posts tagged with

Comments

Mark Knutson

Agreed. I have been through the definitions a few times, and its still confusing.

ConstantlyLearning

Inside Local - Local LAN address - i.e. Your home LAN network

Inside Global - Local Wan address - i.e. Your public address assigned to your router interface by your ISP.

Outside Global - Remote WAN address - i.e. The public address of some other remote network

Outside Local - Remote Local address - i.e. the local LAN on some other remote network

So look at 'Inside' as anything to do with your own network and 'Outisde' to do with some other remote network.

Look at 'Local' and 'Global' as 'Private' and 'Public' respectively.

That help at all?

surfthegecko

Excellent. That does make sense (or at least I believe it does)

So what your saying would be something more like this:
I left IP addresses off because it was originally all private addresses, and I was too lazy to retype them to have some public ones for this demo

Escuse the crude diagram as well, the vertical lines simulate the network at either side

surfthegecko

Also, are the outside global and outside local normally the same address.
Most examples I have seen and also recreated myself appear to be.

Is this just because we wouldnt see the outside local's private address scheme?

billscott92787

I would have to say that it would depend on the configuration. Someone correct me please, but If you have the configuration like in your example, you could have one IP address assigned to that interface on Router 0 which would be the inside global address. Then, you could configure a NAT pool, with outside global addresses, which could consist of 2, 3, 4, 5, 6, IP addresses provided by the service provider, which provides you "globally" route able IP addresses to everything outside your private LAN. Of course it all would depend on the setup.

ConstantlyLearning

billscott92787 wrote: »

I would have to say that it would depend on the configuration. Someone correct me please, but If you have the configuration like in your example, you could have one IP address assigned to that interface on Router 0 which would be the inside global address. Then, you could configure a NAT pool, with outside global addresses, which could consist of 2, 3, 4, 5, 6, IP addresses provided by the service provider, which provides you "globally" route able IP addresses to everything outside your private LAN. Of course it all would depend on the setup.

Well the main thing is that the way I've explained it will allow you to answer the related questions on the exam.

surfthegecko

Yeah this would appear to be true also, like anything in life I suppose it depends on the setup and the context.
You can in theory have an inside local, inside global, outside global, inside global and in theory use private network addresses for all of them, just as a way of controlling internal resource to internal kit from one network to another.... if that makes sense.

Thanks constantlylearning, it does make sense the way you have explained it, so I appreciate your help on this one.

billscott92787

Constantly Learning is correct. I would retain these definitions. I hope your studies are going well.

surfthegecko

Thanks to both of you.

Studies are going.... I sit my exam on Tuesday (only booked it last friday), so havent given myself that long to learn it all.

Had a 5 day course about 4 months ago and havent had time to study/write since then, so just thought "s*d it" and thought I would apply the pressure technique.

Fingers crossed because I'm still

on a few things.

Strangly calm though, I am either sub conciously quietly optimistic, or I have sub consciously accepted the fact that im going to fail

Mark Knutson

surfthegecko wrote: »

Also, are the outside global and outside local normally the same address.
Most examples I have seen and also recreated myself appear to be.

Is this just because we wouldnt see the outside local's private address scheme?

Not if they are using nat. I doubt there are many organizations that are not.

And, yes, the clarified definition makes sense.

billscott92787

Are you doing the ICND2 portion?

surfthegecko

Yep, took the ICND1 (CCENT cert) back in March.
Couldnt book the ICND2 course for a few months because of work, then when I did the very next week I bought a house and have spent about 3 months doing it up (hence determination to get it done in a week so its completed).

I want to move onto the CCVP next, although I think I will need to know a lot of the CCNP to make CCVP clear.