Confusion regarding NAT terms

bermovick Member Posts: 1,135
First off sorry for all my threads; I think I'm getting close to setting up my test date so am bringing up everything I've not been able to make sense of.

Regarding NAT terms, I understand Inside local (my hosts' private address) and Inside global (the address assigned by my ISP). I know the actual definition isn't that specific but I find it easier to remember when I apply information to something I already know.

I'm having trouble though with the difference between Outside local and Outside global. Both are the destination address; before and after translation, respectively, but I can't grasp how/why/when the destination address would get translated?
Latest Completed: CISSP

Current goal: Dunno

Comments

  • notgoing2fail Member Posts: 1,138
    bermovick wrote: »
    First off sorry for all my threads; I think I'm getting close to setting up my test date so am bringing up everything I've not been able to make sense of.

    Regarding NAT terms, I understand Inside local (my hosts' private address) and Inside global (the address assigned by my ISP). I know the actual definition isn't that specific but I find it easier to remember when I apply information to something I already know.

    I'm having trouble though with the difference between Outside local and Outside global. Both are the destination address; before and after translation, respectively, but I can't grasp how/why/when the destination address would get translated?


    If I remember correctly, the outside global is your PUBLIC destination address.
    The outside local would then be the private side of your destination...
  • wbosher Member Posts: 422
    bermovick wrote: »
    I can't grasp how/why/when the destination address would get translated?

    I'm with you there. The destination address would also probably get NATed, so you would never actually see the inside address (outside local) of the remote network. I guess there must be times when you can, or why would they bother putting it in the output of the show ip nat translations command?
  • bermovick Member Posts: 1,135
    wbosher wrote: »
    I'm with you there. The destination address would also probably get NATed, so you would never actually see the inside address (outside local) of the remote network. I guess there must be times when you can, or why would they bother putting it in the output of the show ip nat translations command?

    Exactly! I can understand what NG2F is saying, and it was the only possibility I can see, but even that doesn't really make sense. We don't really care much about what the hardware way over at the other end of the connection does.

    Although perhaps it's referring to the 'return path' where my public IP becomes the Outside global and my private IP the Outside local, and the only difference between Inside and Outside is the direction the data is flowing. That makes a little bit of sense... but just barely.
  • Selfmade Member Posts: 268
    think of it as a wall

    the inside local is on one side of the wall, which has the rest of your network behind the "local" side of the wall, the outside has the "rest of the internet" on the other side.

    the job of the inside local is to provide NAT translation to the outside, this is how they conserve so many IP addresses while separating private networks from the internet.

    Think about a company's web server, or a company's internet based file server that is accessible between branches. That's kind of a good explanation for what NAT does and its purpose.
    It's not important to add reputation points to others, but to be nice and spread good karma everywhere you go.
  • bermovick Member Posts: 1,135
    That explains inside local and inside global and, I suppose, outside global, but doesn't explain outside local... Unless there's a second wall waaaay over there.

    I suppose when you consider you may administer 2 private network locations separated in space; each with a public IP and some type of WAN connection connecting them it makes a bit more sense since "way out there" is also us/me.

    Is this (awesomely done, if I do say so myself) ascii-representation what you've been talking about? (R1 and R2 are performing NAT for the networks behind them, of which only PC1 and PC2 are shown)?

    ..IL........IG.....................OG........OL
    []
    []
    {cloud}
    []
    []
    PC1......R1..........................R2.......PC2

    [edit] gah. it removed my spacing and ruined my pretty ascii-art. replaced spaces with periods.
  • notgoing2fail Member Posts: 1,138
    bermovick wrote: »
    That explains inside local and inside global and, I suppose, outside global, but doesn't explain outside local... Unless there's a second wall waaaay over there.

    I suppose when you consider you may administer 2 private network locations separated in space; each with a public IP and some type of WAN connection connecting them it makes a bit more sense since "way out there" is also us/me.

    Is this (awesomely done, if I do say so myself) ascii-representation what you've been talking about? (R1 and R2 are performing NAT for the networks behind them, of which only PC1 and PC2 are shown)?

    ..IL........IG.....................OG........OL
    []
    []
    {cloud}
    []
    []
    PC1......R1..........................R2.......PC2

    [edit] gah. it removed my spacing and ruined my pretty ascii-art. replaced spaces with periods.


    That ASCII is correct. Also, the Outside Global/Local aren't used as often. I think Wendell Odom even mentioned that. There are some unique situations that you can run into where the OG/OL come in handy.....If I had a better memory, I would remember what those scenarios were...
  • Selfmade Member Posts: 268
    That ASCII is correct. Also, the Outside Global/Local aren't used as often. I think Wendell Odom even mentioned that. There are some unique situations that you can run into where the OG/OL come in handy.....If I had a better memory, I would remember what those scenarios were...

    basically what he said, you kinda took my analogy a little offbase in what you were saying when you were thinking of 2 walls on one network lol.

    What I meant with my analogy is how there's a separation between your network and the point to where NAT is done as far as explaining the local/global thing inside the network.
  • Forsaken_GA Member Posts: 4,024
    Stretch over at packetlife.net made a very good post explaining this:

    Understanding NAT address types - Packet Life
  • alan2308 Member Posts: 1,854
    Stretch over at packetlife.net made a very good post explaining this:

    Understanding NAT address types - Packet Life

    He's also got a nice **** sheet on NAT as well. I couldn't tell you how much time I've spent reading his posts.

    http://packetlife.net/media/library/32/NAT.pdf
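
The four address terms asked about in this thread, as an added example that is not part of any post: a toy Python model of a NAT table in which outside local and outside global are the same address when only the inside source is translated, and differ once the router also translates the outside host's address. The class, function names and every address are constructed for illustration.

```python
# Added example: toy model of a NAT table, not IOS code. All addresses are
# constructed (RFC 1918 private space and RFC 5737 documentation ranges).
from dataclasses import dataclass


@dataclass(frozen=True)
class Entry:
    inside_local: str    # inside host as seen from the inside network
    inside_global: str   # inside host as seen from the outside network
    outside_local: str   # outside host as seen from the inside network
    outside_global: str  # outside host as seen from the outside network


class NatRouter:
    def __init__(self, inside_src, outside_src=None):
        self.inside_src = inside_src          # inside local -> inside global
        self.outside_src = outside_src or {}  # outside global -> outside local
        self.table = []

    def outbound(self, src, dst):
        """Inside -> outside packet; dst is the outside LOCAL address."""
        to_global = {loc: glob for glob, loc in self.outside_src.items()}
        entry = Entry(src, self.inside_src[src], dst, to_global.get(dst, dst))
        if entry not in self.table:
            self.table.append(entry)
        # (source, destination) as carried on the outside network
        return entry.inside_global, entry.outside_global

    def inbound(self, src, dst):
        """Reply from outside; src is outside GLOBAL, dst is inside GLOBAL."""
        for e in self.table:
            if (e.outside_global, e.inside_global) == (src, dst):
                return e.outside_local, e.inside_local
        return None  # simplification: only flows opened from inside are modelled


def demo():
    # Case 1: inside source translation only, the usual setup.
    plain = NatRouter({"10.0.0.5": "203.0.113.10"})
    plain.outbound("10.0.0.5", "198.51.100.20")
    # Case 2: the outside host is also translated (on IOS this is what
    # "ip nat outside source" does), so inside hosts reach it at 192.168.50.20.
    both = NatRouter({"10.0.0.5": "203.0.113.10"},
                     {"198.51.100.20": "192.168.50.20"})
    both.outbound("10.0.0.5", "192.168.50.20")
    reply = both.inbound("198.51.100.20", "203.0.113.10")
    return plain.table[0], both.table[0], reply
```

Translating the outside host is typically needed when the remote network's addresses overlap with addresses already in use on the inside.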