Network Address Translation and Port Address Translation Exam Essentials

Understand what NAT and PAT are and how to use them. NAT is a technology, specified
in RFC 1631, that is used to hide network addresses behind a single IP address or multiple IP
addresses. A company can use IP addresses set aside by RFC 1918 on its internal networks
and use single or multiple Internet-routable IP addresses to connect the company to the network.
PAT is like using NAT through a single IP address.

Know the advantages of NAT and PAT. The advantages of NAT and PAT are that they
enable an entire network to hide behind IP addresses. They provide a certain level of security
and enable a company to change ISPs quickly and painlessly. They also provide a primitive load-balancing
mechanism between multiple hosts performing the same function.

Know the disadvantages of NAT and PAT. One disadvantage of using NAT and PAT is that
some protocols will not work because they carry IP address information in the payload of the
packet. In addition, NAT and PAT do not provide end-to-end significance for the IP address.
Cisco IOS will correct some of these problems with the most popular protocols, but it cannot
cover them all. Finally, a significant delay occurs in translating IP addresses, which introduces
latency in the communication path.

Understand how to configure NAT and PAT on a Cisco router. One option when configuring
NAT is to use dynamic NAT using a pool of IP addresses or through an interface. You can
also reuse those IP addresses with the overload parameter. PAT uses only a single IP address.
Another option is to configure a static translation from an outside IP address to an internal IP
address. PAT can also be configured with static translations, but they are based on TCP and
UDP port numbers and not on IP addresses only.

Know the troubleshooting techniques for NAT and PAT. The commands used to troubleshoot
NAT are show ip nat translation with the optional verbose parameter, and debug
ip nat, which logs NAT events as they occur on the router. For PAT, the only command used
to show troubleshooting information is the show ip pat command on the 700 series router.
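
The configuration options and troubleshooting commands described above, shown as an added Cisco IOS example that is not from the original page. The interface names, access list number, pool name and all addresses (RFC 1918 inside, documentation ranges outside) are assumptions chosen for illustration.

```cisco
! Constructed example: interface names, ACL 1, pool name and addresses are assumptions.
interface FastEthernet0/0
 description Inside LAN (RFC 1918 addressing)
 ip address 10.1.1.1 255.255.255.0
 ip nat inside
!
interface Serial0/0
 description Link to ISP
 ip address 198.51.100.2 255.255.255.252
 ip nat outside
!
! Inside hosts that are eligible for translation
access-list 1 permit 10.1.1.0 0.0.0.255
!
! Pool of Internet-routable addresses (11 addresses)
ip nat pool PUBLIC-POOL 203.0.113.10 203.0.113.20 netmask 255.255.255.0
!
! Option 1: dynamic NAT, one pool address per inside host,
! so at most 11 inside hosts are translated at a time
ip nat inside source list 1 pool PUBLIC-POOL
!
! Option 2 (instead of option 1): reuse the pool addresses with overload
! ip nat inside source list 1 pool PUBLIC-POOL overload
!
! Option 3 (instead of option 1): overload the outside interface address
! ip nat inside source list 1 interface Serial0/0 overload
!
! Static translation: inbound traffic to 203.0.113.5 on any port is
! forwarded to 10.1.1.5 unless an access list filters it
ip nat inside source static 10.1.1.5 203.0.113.5
!
! Static port translation: only TCP 443 on 10.1.1.6 is mapped,
! which exposes one service instead of the whole host
ip nat inside source static tcp 10.1.1.6 443 203.0.113.6 443
!
! Verification from exec mode:
!  show ip nat translation verbose
!  debug ip nat
```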