
question about NAT PAT Overload !?

mohammed hashim
Level 1

Hi,

In all of the examples I saw, PAT was illustrated as when the host wants to communicate with a public IP address, like:

The issue is when a host wants to communicate with the internet, it generates random source ports, so it is possible that two hosts use something like 192.168.1.2:20001 and 192.168.3.2:20001 according to the example above!

If this happens, then how will PAT work? How can it forward the traffic to the right host when it receives a flow from the internet?

Thanks,


Accepted Solutions

Luke Oxley
Level 1
shako_alyom,

Thanks for your post. The answer to this is very simple: the router or firewall stores every NAT/PAT translation in its translation table, otherwise known as the xlate. I think you are getting confused; the port used on the global/outside IP address does not have to be the same as the port used for the inside IP. This means that when two internal hosts attempt to use the same port number, there is no problem.
In this example, the xlate table would look like the following.
| Flow | Inside IP:Port | Outside IP:Port |
|---|---|---|
| Flow 1 | 192.168.1.7:20001 | 67.210.97.1:2834 |
| Flow 2 | 192.168.1.3:20001 | 67.210.97.1:7927 |
The device handling the NAT'ing will randomly generate a port, as will the computers, being sure that they don't generate a port that is already in use with another flow or translation.

I hope that makes sense.

Kind regards,
Luke


Please rate helpful posts and mark correct answers.
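
An added example (not part of Luke's post, and not Cisco's implementation): a toy translation table in Python showing how two inside hosts that both pick source port 20001 get distinct outside ports, and how return traffic is mapped back to the right host. The `PatTable` class, its method names and the port range are assumptions for illustration; a real device also keys on protocol and ages entries out.

```python
import random

OUTSIDE_IP = "67.210.97.1"  # outside address from the thread's example


class PatTable:
    """Toy PAT (NAT overload) table, keyed like the xlate table in the answer."""

    def __init__(self, outside_ip, port_range=(1024, 65535), rng=None):
        self.outside_ip = outside_ip
        self.port_range = port_range          # assumed pool of outside ports
        self.rng = rng or random.Random()
        self.out_by_inside = {}   # (inside_ip, inside_port) -> outside_port
        self.inside_by_out = {}   # outside_port -> (inside_ip, inside_port)

    def outbound(self, inside_ip, inside_port):
        """Translate an outgoing flow; reuse the entry if the flow is known."""
        key = (inside_ip, inside_port)
        if key in self.out_by_inside:
            return self.outside_ip, self.out_by_inside[key]
        lo, hi = self.port_range
        if len(self.inside_by_out) >= hi - lo + 1:
            raise RuntimeError("PAT port pool exhausted")
        while True:  # pick a random outside port not used by another flow
            port = self.rng.randint(lo, hi)
            if port not in self.inside_by_out:
                break
        self.out_by_inside[key] = port
        self.inside_by_out[port] = key
        return self.outside_ip, port

    def inbound(self, outside_port):
        """Map return traffic to its inside host; None means no entry (drop)."""
        return self.inside_by_out.get(outside_port)


def demo():
    # Seeded only so the printed output is repeatable.
    pat = PatTable(OUTSIDE_IP, rng=random.Random(1))
    flow1 = pat.outbound("192.168.1.7", 20001)
    flow2 = pat.outbound("192.168.1.3", 20001)  # same inside port, other host
    return pat, flow1, flow2


if __name__ == "__main__":
    pat, flow1, flow2 = demo()
    for outside in (flow1, flow2):
        print(outside, "->", pat.inbound(outside[1]))
```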


2 Replies

Thanks a lot Luke,

Very nicely explained.

Sometimes the books or blogs use an example which lets you ask questions more than find answers :)
