nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

NAT / PAT Question

MouseCatcher

Hi all. I'm a long time forum lurker. Thanks to many of your threads, I passed my ICND1 last month with flying colors and am off to crush the ICND2 early next week. I've been studying hard and have a firm grasp on most of the topics. I totally understand static & overload (PAT). I do however, have an dumb question about Dynamic NAT.

When you create a pool of outside addresses to use (IE, ip nat pool cisco 216.1.1.1 216.1.1.14 netmask 255.255.255.240), where are these IP addresses found? What interfaces or on other routers?

If my outside interface only has one IP (given to me by the ISP), where do the other IPs come from? How do those other IPs point back to the NAT'ing router so it can translate them back to the inside. Or does the router have that many connections facing upstream?

Just trying to draw it out on paper and a little turned around.

Thanks for your help in advance.

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

networker050184

They do not need to be tied to an interface, just routed to your router by the upstream. Once the traffic reaches your router performing NAT they will be translated.

MouseCatcher

So even tho my routers outside address is a single IP (IE, 216.1.1.1), the other 13 addresses are routed back to me by my ISP?

networker050184

Yep that is how it works though you probably wouldn't get 13 host routes to you, either a /29 or 28.

MouseCatcher

Cool. Thank you very much. I was just confused on how I told the world those other IPs point towards my NAT'ing router. Thanks!

NetworkVeteran

MouseCatcher wrote: »

Cool. Thank you very much. I was just confused on how I told the world those other IPs point towards my NAT'ing router. Thanks!

Your ISP is generally responsible for this. They will likely use BGP to inform the outside world that your addresses are one of those that they know about, have good connectivity to, and are willing to forward traffic towards.

Your responsibility is thus to explain your needs and keep paying your bill.

xXErebuS

networker050184 wrote: »

They do not need to be tied to an interface, just routed to your router by the upstream. Once the traffic reaches your router performing NAT they will be translated.

THIS....

I hate looking at CE devices where people don't understand that (most always ones that just receive default route from provider and allow them to do BGP) and put the entire subnet mask for their range on the interface; so you're forced to use host routes if you want to use public NAT exempt addressing.