One NAT question...

johnifanx98

1.1.128.1
1.1.129.23
1.1.130.1
1.1.135.45

The above is the inside global addresses. If I will create a pool. What is the prefix length?

My answer is this: ip nat pool global-pool 1.1.128.1 1.1.135.254 prefix-length 21

Am I right?

networker050184

The prefix-length there really does not matter much unless you include the network and broadcast addresses within the pool range.

johnifanx98

Interesting?! I never see network/broadcast added in the pool when using netmask. So, prefix-length is different regarding this?

networker050184

The mask doesn't really matter for NAT if you think about it. What the prefix-length/netmask is there for is to keep network and broadcast addresses from being assigned out of the pool. If you just leave the netmask and broadcast out the mask is mostly irrelevant unless you use a shorter mask and accidently limit your legit assignments.

johnifanx98

I don't think your answer is relevant with my question. I'm simply confirming a prefix-length...

networker050184

It is relevant to your question. How are you going to assign a proper prefix-length if you don't know what the implications of this prefix-length is? You could use a prefix-length of /8 if you wanted to and still get the same result. The devil is in the details my friend.

TurK-FX

johnifanx98 wrote: »

1.1.128.1
1.1.129.23
1.1.130.1
1.1.135.45

The above is the inside global addresses. If I will create a pool. What is the prefix length?

My answer is this: ip nat pool global-pool 1.1.128.1 1.1.135.254 prefix-length 21

Am I right?

Yo put all those IP addresses in same subnet,, you need a subnet that supports minimum 1830 hosts. So yes, you need prefix lenght 21 or lower.
if you do /21, 1.1.128.1 thru 1.1.135.254 will be in same subnet.