Lero tiphunzira PAT (Port Address Translation), ukadaulo womasulira maadiresi a IP pogwiritsa ntchito madoko, ndi NAT (Network Address Translation), ukadaulo womasulira maadiresi a IP a mapaketi apaulendo. PAT ndi nkhani yapadera ya NAT. Tikambirana mitu itatu:
- ma adilesi a IP achinsinsi, kapena amkati (intranet, amderali) ndi ma adilesi apagulu, kapena akunja a IP;
- NAT ndi PAT;
- Kusintha kwa NAT/PAT.
Tiyeni tiyambe ndi ma adilesi a IP achinsinsi. Tikudziwa kuti amagawidwa m'magulu atatu: A, B ndi C.
Ma adilesi a M'kalasi A amatenga makumi kuyambira 10.0.0.0 mpaka 10.255.255.255, ndipo ma adilesi akunja amakhala kuyambira 1.0.0.0 mpaka 9 komanso kuchokera 255.255.255 mpaka 11.0.0.0.
Ma adilesi amkati a B amakhala kuyambira 172.16.0.0 mpaka 172.31.255.255, ndipo ma adilesi akunja amachokera ku 128.0.0.0 mpaka 172.15.255.255 komanso kuchokera 172.32.0.0 mpaka 191.255.255.255.
Ma adilesi amkati amkalasi C amakhala kuyambira 192.168.0.0 mpaka 192.168.255.255, ndipo ma adilesi akunja amachokera ku 192.0.0 mpaka 192.167.255.255 komanso kuchokera ku 192.169.0.0 mpaka 223.255.255.255.
Ma adilesi a Gulu A ndi / 8, Gulu B ndi /12 ndipo Gulu C ndi /16. Chifukwa chake, ma adilesi akunja ndi amkati a IP amakalasi osiyanasiyana amakhala ndi magawo osiyanasiyana.
Takambirana kangapo kuti pali kusiyana kotani pakati pa ma adilesi achinsinsi ndi apagulu a IP. Nthawi zambiri, ngati tili ndi rauta ndi gulu la ma adilesi amkati a IP, akamayesa kupeza intaneti, rautayo amawatembenuza ku ma adilesi akunja a IP. Maadiresi amkati amagwiritsidwa ntchito pamanetiweki apafupi, osati pa intaneti.
Ngati ndiwona magawo a netiweki pakompyuta yanga pogwiritsa ntchito mzere wolamula, ndiwona adilesi yanga yamkati ya LAN IP 192.168.1.103.
Kuti mudziwe adilesi yanu ya IP, mutha kugwiritsa ntchito intaneti ngati "Kodi IP yanga ndi iti?" Monga mukuwonera, adilesi yakunja ya kompyuta 78.100.196.163 ndi yosiyana ndi adilesi yake yamkati.
Nthawi zonse, kompyuta yanga imawonekera pa intaneti ndendende ndi adilesi yake yakunja ya IP. Kotero, adilesi yamkati ya kompyuta yanga ndi 192.168.1.103, ndipo yakunja ndi 78.100.196.163. Adilesi yamkati imagwiritsidwa ntchito polumikizirana kwanuko, simungathe kulowa nayo intaneti, chifukwa cha izi muyenera adilesi ya IP yapagulu. Mutha kukumbukira chifukwa chake kugawanika kukhala maadiresi achinsinsi ndi agulu kunapangidwa powunikiranso phunziro la kanema Tsiku 3.
Tiyeni tiwone chomwe NAT ndi. Pali mitundu itatu ya NAT: static, dynamic and "overloaded" NAT, kapena PAT.
Cisco ili ndi mawu 4 omwe amafotokoza NAT. Monga ndanenera, NAT ndi njira yosinthira ma adilesi amkati kukhala akunja. Ngati chipangizo cholumikizidwa ndi intaneti chilandila paketi kuchokera ku chipangizo china pa netiweki yakomweko, chimangotaya paketiyi, chifukwa mawonekedwe a ma adilesi amkati samagwirizana ndi ma adilesi omwe amagwiritsidwa ntchito pa intaneti padziko lonse lapansi. Chifukwa chake, chipangizocho chiyenera kupeza adilesi ya IP yapagulu kuti ipeze intaneti.
Chifukwa chake, mawu oyamba ndi Inside Local, kutanthauza adilesi ya IP ya wolandila pa netiweki yamkati. M'mawu osavuta, iyi ndiye adilesi yoyamba yamtundu wa 192.168.1.10. Nthawi yachiwiri, Inside Global, ndi adilesi ya IP ya wolandila komweko komwe amawonekera pamaneti akunja. Kwa ife, iyi ndi adilesi ya IP ya doko lakunja la rauta 200.124.22.10.
Titha kunena kuti Inside Local ndi adilesi ya IP yachinsinsi, ndipo Inside Global ndi adilesi yapagulu ya IP. Kumbukirani kuti mawu akuti Inside amatanthauza komwe kumachokera magalimoto, ndipo Kunja amatanthauza komwe magalimotowa akupita. Kunja Kwako ndi adilesi ya IP ya wolandila pa netiweki yakunja, yomwe imawonekera ndi netiweki yamkati. Mwachidule, iyi ndi adilesi ya wolandila yomwe ikuwoneka kuchokera pa netiweki yamkati. Chitsanzo cha adilesi yotereyi ndi adilesi ya IP 200.124.22.100 ya chipangizo chomwe chili pa intaneti.
Kunja kwa Global ndi adilesi ya IP ya wolandirayo momwe amawonekera pamaneti akunja. Nthawi zambiri, ma adilesi a Kunja Kwako ndi Kunja kwa Global amawoneka chimodzimodzi chifukwa ngakhale atamasulira, adilesi ya IP imawonekera kugwero monga momwe zimakhalira asanamasuliridwe.
Tiyeni tiwone chomwe static NAT ndi. Static NAT imatanthawuza kumasulira kumodzi ndi kumodzi kwa ma adilesi a IP amkati kupita ku akunja, kapena kumasulira kumodzi ndi kumodzi. Zida zikatumiza kuchuluka kwa anthu pa intaneti, ma adilesi awo a Inside Local amasinthidwa kukhala ma adilesi a Inside Global.
Pali zida zitatu pamanetiweki athu amderali, ndipo zikalowa pa intaneti, chilichonse chimakhala ndi adilesi yakeyake ya Inside Global. Maadiresi awa amaperekedwa kumadera omwe ali ndi magalimoto. Mfundo imodzi ndi imodzi imatanthawuza kuti ngati pali zipangizo 3 pa intaneti, amalandira ma adilesi akunja a 100.
NAT idabadwa kuti isunge intaneti, yomwe idasowa ma adilesi a IP. Chifukwa cha NAT, makampani ambiri ndi maukonde ambiri amatha kukhala ndi adilesi imodzi yakunja yakunja ya IP, momwe ma adilesi am'deralo amasinthidwa akalowa pa intaneti. Mutha kunena kuti pankhaniyi ya static NAT palibe kupulumutsa mu ma adilesi, popeza makompyuta zana am'deralo amapatsidwa ma adilesi akunja zana, ndipo mudzakhala olondola. Komabe, static NAT ikadali ndi maubwino angapo.
Mwachitsanzo, tili ndi seva yokhala ndi adilesi ya IP yamkati ya 192.168.1.100. Ngati chipangizo chilichonse chochokera pa intaneti chikufuna kulumikizana nacho, sichingathe kutero pogwiritsa ntchito adilesi yolowera mkati, chifukwa izi ziyenera kugwiritsa ntchito adilesi yakunja ya seva 200.124.22.3. Ngati rauta yanu yakonzedwa ndi static NAT, magalimoto onse opita ku 200.124.22.3 amatumizidwa ku 192.168.1.100. Izi zimapereka mwayi wakunja kwa zida zapaintaneti zam'deralo, pakadali pano ku seva yapaintaneti yamakampani, zomwe zingakhale zofunikira nthawi zina.
Tiyeni tilingalire zamphamvu za NAT. Ndizofanana kwambiri ndi static, koma sizipereka ma adilesi akunja okhazikika ku chipangizo chilichonse chapafupi. Mwachitsanzo, tili ndi zida za 3 zam'deralo ndi ma adilesi akunja awiri okha. Ngati chipangizo chachiwiri chikufuna kugwiritsa ntchito intaneti, chidzapatsidwa adilesi yoyamba ya IP yaulere. Ngati seva yapaintaneti ikufuna kulowa pa intaneti pambuyo pake, rautayo ipereka adilesi yachiwiri yakunja. Ngati izi zitatha chipangizo choyamba chikufuna kugwirizanitsa ndi intaneti yakunja, sipadzakhalanso adilesi ya IP ya izo, ndipo router idzataya paketi yake.
Titha kukhala ndi zida mazana ambiri zomwe zili ndi ma adilesi a IP mkati, ndipo chilichonse mwa zidazi chimatha kugwiritsa ntchito intaneti. Koma popeza tilibe ma adilesi akunja osakhazikika, zida zopitilira 2 mwa zana zitha kulowa pa intaneti nthawi imodzi, chifukwa tili ndi ma adilesi akunja awiri okha.
Zida za Cisco zili ndi nthawi yomasulira yokhazikika, yomwe imakhala maola 24. Itha kusinthidwa kukhala 1,2,3, 10 mphindi, nthawi iliyonse yomwe mungafune. Pambuyo pa nthawiyi, ma adilesi akunja amamasulidwa ndikubwereranso ku dziwe la adilesi. Ngati panthawiyi chipangizo choyamba chikufuna kupeza intaneti ndipo adiresi iliyonse yakunja ilipo, ndiye kuti idzalandira. Router ili ndi tebulo la NAT lomwe limasinthidwa mwamphamvu, ndipo mpaka nthawi yomasulira itatha, adilesi yomwe wapatsidwa imasungidwa ndi chipangizocho. Mwachidule, NAT yamphamvu imagwira ntchito pa mfundo yakuti "woyamba kubwera, woyamba kutumikiridwa."
Tiyeni tiwone chomwe NAT yodzaza, kapena PAT, ili. Uwu ndiye mtundu wodziwika kwambiri wa NAT. Pakhoza kukhala zipangizo zambiri pa intaneti yanu - PC, foni yamakono, laputopu, piritsi, ndipo zonse zimagwirizanitsa ndi rauta yomwe ili ndi adilesi imodzi yakunja ya IP. Chifukwa chake, PAT imalola zida zingapo zokhala ndi ma adilesi amkati a IP kuti zilowetse intaneti nthawi imodzi pansi pa adilesi imodzi yakunja ya IP. Izi ndizotheka chifukwa chakuti adilesi iliyonse yachinsinsi, yamkati ya IP imagwiritsa ntchito nambala inayake ya doko panthawi yolumikizana.
Tiyerekeze kuti tili ndi adilesi imodzi ya anthu onse 200.124.22.1 ndi zida zambiri zakomweko. Chifukwa chake, mukalowa pa intaneti, makamu onsewa adzalandira adilesi yomweyo 200.124.22.1. Chinthu chokha chomwe chidzawasiyanitsa wina ndi mzake ndi nambala ya doko.
Ngati mukukumbukira zokambirana za gawo la zoyendera, mukudziwa kuti gawo la zoyendera lili ndi manambala adoko, pomwe doko loyambira limakhala nambala yachisawawa.
Tiyerekeze kuti pali wolandira pa intaneti yakunja ndi adilesi ya IP 200.124.22.10, yomwe imalumikizidwa ndi intaneti. Ngati kompyuta 192.168.1.11 ikufuna kuyankhulana ndi kompyuta 200.124.22.10, idzapanga doko lachisawawa 51772. Apa, doko lofikira la makompyuta akunja lidzakhala 80.
Pamene rauta ilandira paketi yapakompyuta yapafupi yopita ku netiweki yakunja, idzamasulira adilesi yake ya Inside Local ku Inside Global adilesi 200.124.22.1 ndikuyika nambala ya doko 23556. tumizaninso yankho molingana ndi njira yogwirana chanza, pakadali pano, komwe mukupita kudzakhala adilesi 200.124.22.10 ndi doko 200.124.22.1.
Router ili ndi tebulo lomasulira la NAT, kotero ikalandira paketi kuchokera ku kompyuta yakunja, idzazindikira adiresi ya Inside Local yofanana ndi adiresi ya Inside Global monga 192.168.1.11: 51772 ndi kutumiza paketiyo. Pambuyo pake, kugwirizana pakati pa makompyuta awiriwa kungaganizidwe kukhazikitsidwa.
Panthawi imodzimodziyo, mukhoza kukhala ndi zipangizo zana pogwiritsa ntchito adiresi yomweyo 200.124.22.1 kuti mulankhule, koma manambala osiyanasiyana a doko, kotero kuti onse amatha kugwiritsa ntchito intaneti nthawi imodzi. Ichi ndichifukwa chake PAT ndi njira yotchuka kwambiri yowulutsira.
Tiyeni tiwone kukhazikitsa NAT yokhazikika. Kwa netiweki iliyonse, choyamba, ndikofunikira kudziwa zolowera ndi zotuluka. Chithunzichi chikuwonetsa rauta yomwe magalimoto amatumizidwa kuchokera ku doko la G0/0 kupita ku doko la G0/1, ndiye kuti, kuchokera pa netiweki yamkati kupita ku netiweki yakunja. Chifukwa chake tili ndi mawonekedwe olowera 192.168.1.1 ndi mawonekedwe otulutsa 200.124.22.1.
Kuti tikonze NAT, timapita ku mawonekedwe a G0/0 ndikuyika magawo a ip adilesi 192.168.1.1 255.255.255.0 ndikuwonetsa kuti mawonekedwewa ndi omwe amalowetsamo pogwiritsa ntchito lamulo la ip nat mkati.
Momwemonso, timakonza NAT pa mawonekedwe a G0/1, kufotokoza adilesi ya ip 200.124.22.1, subnet mask 255.255.255.0 ndi ip nat kunja. Kumbukirani kuti kumasulira kwamphamvu kwa NAT kumachitidwa nthawi zonse kuchokera pazowonjezera mpaka pazotulutsa, kuchokera mkati kupita kunja. Mwachilengedwe, kwa NAT yamphamvu, kuyankha kumabwera pamawonekedwe olowera kudzera mu mawonekedwe otulutsa, koma magalimoto akayambika, ndi njira yolowera yomwe imayambika. Pankhani ya static NAT, kuyambitsa magalimoto kumatha kuchitika mbali iliyonse - mkati kapena kunja.
Kenako, tifunika kupanga tebulo lokhazikika la NAT, pomwe adilesi iliyonse yakumaloko imagwirizana ndi adilesi yapadziko lonse lapansi. Kwa ife, pali zipangizo za 3, kotero tebulo lidzakhala ndi zolemba za 3, zomwe zimasonyeza Inside Local IP adilesi ya gwero, yomwe imasinthidwa kukhala Inside Global adilesi: ip nat mkati mwa static 192.168.1.10 200.124.22.1.
Chifukwa chake, mu NAT yosasunthika, mumalemba pamanja kumasulira kwa adilesi iliyonse yam'deralo. Tsopano ndipita ku Packet Tracer ndikupanga zosintha zomwe tafotokozazi.
Pamwamba tili ndi seva 192.168.1.100, pansipa ndi kompyuta 192.168.1.10 ndipo pansi kwambiri ndi kompyuta 192.168.1.11. Doko la G0/0 la Router0 lili ndi adilesi ya IP ya 192.168.1.1, ndipo doko la G0/1 lili ndi adilesi ya IP ya 200.124.22.1. Mu "mtambo" woimira intaneti, ndinayika Router1, yomwe ndinapereka adilesi ya IP 200.124.22.10.
Ndikupita ku zoikamo za Router1 ndikulemba lamulo la debug ip icmp. Tsopano, ping ikafika pa chipangizocho, uthenga wochotsa cholakwika udzawonekera pazenera zowonetsera zomwe paketiyo ili.
Tiyeni tiyambe kukhazikitsa rauta ya Router0. Ndimapita kumayendedwe apadziko lonse ndikuyimbira mawonekedwe a G0/0. Kenako, ndikulowetsa lamulo la ip nat mkati, kenako ndikupita ku mawonekedwe a g0/1 ndikulowetsa ip nat kunja kwa lamulo. Chifukwa chake, ndidapereka zolowera ndi zotulutsa za rauta. Tsopano ndikufunika kukonza pamanja ma adilesi a IP, ndiye kuti, kusamutsa mizere kuchokera patebulo pamwambapa kupita ku zoikamo:
Ip nat mkati gwero malo amodzi 192.168.1.10 200.124.22.1
Ip nat mkati gwero malo amodzi 192.168.1.11 200.124.22.2
Ip nat mkati gwero malo amodzi 192.168.1.100 200.124.22.3
Tsopano ndiyimba Router1 kuchokera pazida zathu zonse ndikuwona zomwe IP maadiresi yomwe ping imalandira ikuwonetsa. Kuti ndichite izi, ndikuyika zenera lotseguka la CLI la rauta ya R1 kumanja kwa chinsalu kuti ndiwone mauthenga ochotsa zolakwika. Tsopano ndimapita ku PC0 command line terminal ndi ping adilesi 200.124.22.10. Pambuyo pa izi, pawindo pali uthenga woti ping idalandiridwa kuchokera ku adilesi ya IP 200.124.22.1. Izi zikutanthauza kuti adilesi ya IP yapakompyuta yakomweko 192.168.1.10 yamasuliridwa ku adilesi yapadziko lonse lapansi 200.124.22.1.
Ndimachita chimodzimodzi ndi kompyuta yotsatira yapafupi ndikuwona kuti adilesi yake yamasuliridwa ku 200.124.22.2. Kenako ndimayimba seva ndikuwona adilesi 200.124.22.3.
Choncho, pamene magalimoto ochokera ku chipangizo cham'deralo afika pa router yomwe static NAT imapangidwira, rautayo, malinga ndi tebulo, imasintha adilesi ya IP yapadziko lonse lapansi ndikutumiza magalimoto ku netiweki yakunja. Kuti muwone tebulo la NAT, ndikulowetsani lamulo lomasulira ip nat.
Tsopano titha kuwona zosintha zonse zomwe rauta imapanga. Chigawo choyamba cha Inside Global chili ndi adilesi ya chipangizocho chisanayambe kuulutsidwa, ndiye kuti, adilesi yomwe chipangizocho chimawonekera kuchokera pa intaneti yakunja, ndikutsatiridwa ndi adilesi ya Inside Local, ndiko kuti, adilesi ya chipangizocho pamaneti akomweko. Ndime yachitatu ikuwonetsa adilesi Yakunja Kwako ndipo gawo lachinayi likuwonetsa adilesi yakunja kwapadziko lonse lapansi, zonse zomwe zili zofanana chifukwa sitimasulira adilesi ya IP komwe tikupita. Monga mukuwonera, patatha masekondi angapo tebulo lidachotsedwa chifukwa Packet Tracer inali ndi nthawi yayitali ya ping.
Ndikhoza ping seva pa 1 kuchokera rauta R200.124.22.3, ndipo ngati ine kubwerera ku zoikamo rauta, ine ndikhoza kuona kuti tebulo kachiwiri wodzazidwa ndi mizere anayi ping ndi omasuliridwa kopita adiresi 192.168.1.100.
Monga ndanenera, ngakhale nthawi yomasulira itayambika, magalimoto akayambika kuchokera kunja, makina a NAT amangotsegulidwa. Izi zimachitika mukamagwiritsa ntchito static NAT.
Tsopano tiyeni tiwone momwe NAT yamphamvu imagwirira ntchito. Muchitsanzo chathu, pali ma adilesi awiri a anthu onse pazida zitatu zapaintaneti, koma patha kukhala makumi kapena mazana a makamu achinsinsi otere. Nthawi yomweyo, zida ziwiri zokha zimatha kugwiritsa ntchito intaneti nthawi imodzi. Tiyeni tiwone chomwe, kuwonjezerapo, ndi kusiyana kotani pakati pa NAT yokhazikika ndi yamphamvu.
Monga momwe zinalili m'mbuyomu, choyamba muyenera kudziwa zolowera ndi zotulutsa za rauta. Kenaka, timapanga mndandanda wamtundu wopezera, koma izi siziri zofanana ndi ACL zomwe tinakambirana m'phunziro lapitalo. Mndandanda wofikirawu umagwiritsidwa ntchito kuzindikira kuchuluka kwa magalimoto omwe tikufuna kusintha. Apa mawu atsopano akuti "magalimoto osangalatsa" kapena "magalimoto osangalatsa" akuwonekera. Awa ndi magalimoto omwe mumawakonda pazifukwa zina, ndipo magalimoto akamafanana ndi zomwe zili pamndandanda wofikira, amabwera pansi pa NAT ndipo amamasuliridwa. Mawuwa amakhudza magalimoto nthawi zambiri, mwachitsanzo, pa nkhani ya VPN, "zosangalatsa" ndi magalimoto omwe adzadutsa mumsewu wa VPN.
Tiyenera kupanga ACL yomwe imazindikiritsa magalimoto okondweretsa, kwa ife iyi ndi magalimoto amtundu wonse wa 192.168.1.0, pamodzi ndi chigoba chobwerera cha 0.0.0.255.
Kenako tiyenera kupanga dziwe la NAT, lomwe timagwiritsa ntchito lamulo la ip nat pool <pool name> ndikutchula dziwe la ma adilesi a IP 200.124.22.1 200.124.22.2. Izi zikutanthauza kuti timangopereka ma adilesi awiri akunja a IP. Kenako, lamuloli limagwiritsa ntchito mawu achinsinsi a netmask ndikulowetsa subnet mask 255.255.255.252. Octet yotsiriza ya chigoba ndi (255 - chiwerengero cha maadiresi dziwe - 1), kotero ngati muli ndi maadiresi 254 mu dziwe, ndiye subnet chigoba adzakhala 255.255.255.0. Izi ndi zofunika kwambiri, choncho onetsetsani kuti mwalowa mumtengo wolondola wa netmask mukamakhazikitsa NAT yamphamvu.
Kenako timagwiritsa ntchito lamulo loyambitsa makina a NAT: ip nat inside source list 1 dziwe NWKING, kumene NWKING ndilo dzina la dziwe, ndipo mndandanda 1 umatanthauza nambala ya ACL 1. Kumbukirani - kuti lamuloli ligwire ntchito, choyamba muyenera kupanga dziwe la maadiresi ndi mndandanda wofikira.
Kotero, pansi pa zikhalidwe zathu, chipangizo choyamba chomwe chikufuna kupeza intaneti chidzatha kuchita izi, chipangizo chachiwiri chidzatha kutero, koma chachitatu chiyenera kuyembekezera mpaka imodzi mwa maadiresi a dziwe ikhale yaulere. Kukhazikitsa NAT yamphamvu imakhala ndi masitepe a 4: kudziwa zolowera ndi zotuluka, kuzindikira magalimoto "osangalatsa", kupanga dziwe la NAT ndi kasinthidwe kwenikweni.
Tsopano tipita ku Packet Tracer ndikuyesera kukonza NAT yamphamvu. Choyamba tiyenera kuchotsa zosintha za NAT, zomwe timalowetsamo motsatira malamulo:
palibe Ip nat mkati gwero malo amodzi 192.168.1.10 200.124.22.1
palibe Ip nat mkati gwero malo amodzi 192.168.1.11 200.124.22.2
palibe Ip nat mkati gwero malo amodzi 192.168.1.100 200.124.22.3.
Kenako, ndimapanga mndandanda wa mwayi wopezeka Mndandanda 1 wa netiweki yonse yokhala ndi chilolezo chofikira 1 192.168.1.0 0.0.0.255 ndikupanga dziwe la NAT pogwiritsa ntchito lamulo ip nat pool NWKING 200.124.22.1 200.124.22.2 netmask 255.255.255.252. Mu lamulo ili, ndidatchula dzina la dziwe, maadiresi omwe ali mmenemo, ndi chigoba.
Kenaka ndikulongosola kuti NAT ndi yani - mkati kapena kunja, ndi gwero limene NAT iyenera kutenga zambiri, kwa ife ndilo mndandanda, pogwiritsa ntchito lamulo ip nat mkati mwa mndandanda wa gwero 1. Pambuyo pake, dongosololi lidzakufunsani ngati inu amafunika dziwe lathunthu kapena mawonekedwe enaake. Ndimasankha pool chifukwa tili ndi ma adilesi opitilira 1 akunja. Mukasankha mawonekedwe, muyenera kutchula doko lomwe lili ndi adilesi inayake ya IP. Lamulo lomaliza lidzawoneka motere: ip nat inside source list 1 pool NWKING. Panopa dziwe ili lili ndi maadiresi awiri 200.124.22.1 200.124.22.2, koma mukhoza mwaufulu kusintha kapena kuwonjezera maadiresi atsopano amene sagwirizana ndi mawonekedwe enieni.
Muyenera kuwonetsetsa kuti tebulo lanu lamayendedwe likusinthidwa kotero kuti ma adilesi aliwonse a IP omwe ali padziwe ayenera kutumizidwa ku chipangizochi, apo ayi simudzalandira magalimoto obwerera. Kuonetsetsa kuti zoikamo zikugwira ntchito, tibwerezanso njira yoyimbira rauta yamtambo, yomwe tidachitira static NAT. Nditsegula zenera la Router 1 kuti ndiwone mauthenga ochotsa zolakwika ndikuyiyika pazida zitatu zilizonse.
Tikuwona kuti ma adilesi onse omwe mapaketi a ping amachokera amafanana ndi zokonda. Nthawi yomweyo, ping kuchokera pakompyuta PC0 siigwira ntchito chifukwa ilibe adilesi yakunja yaulere yokwanira. Mukapita ku zoikamo rauta 1, mukhoza kuona kuti dziwe maadiresi 200.124.22.1 ndi 200.124.22.2 ntchito panopa. Tsopano ndizimitsa kuwulutsa, ndipo muwona momwe mizereyo imazimiririka imodzi ndi imodzi. Ine ping PC0 kachiwiri ndipo monga mukuonera, chirichonse ntchito tsopano chifukwa anatha kupeza ufulu kunja adiresi 200.124.22.1.
Kodi ndingachotse bwanji tebulo la NAT ndikusintha kumasulira kwa ma adilesi? Pitani ku zoikamo za rauta ya Router0 ndikulemba lamulo lomveka bwino ip nat translation * ndi asterisk kumapeto kwa mzere. Ngati tsopano tiyang'ana mawonekedwe omasulira pogwiritsa ntchito lamulo lomasulira ip nat, dongosololi lidzatipatsa mzere wopanda kanthu.
Kuti muwone ziwerengero za NAT, gwiritsani ntchito show ip nat statistics command.
Ili ndi lamulo lothandiza kwambiri lomwe limakupatsani mwayi woti mudziwe kuchuluka kwa matembenuzidwe osinthika, osasunthika komanso apamwamba a NAT/PAT. Mutha kuwona kuti ndi 0 chifukwa tidachotsa zowulutsa ndi lamulo lapitalo. Izi zikuwonetsa zolowera ndi zotulutsa, kuchuluka kwa kugunda kopambana komanso kosapambana ndikuphonya kutembenuka (chiwerengero cha zolephereka chifukwa cha kusowa kwa adilesi yakunja yaulere kwa wolandila wamkati), dzina la mndandanda wofikira ndi dziwe.
Tsopano tipita ku mtundu wotchuka kwambiri womasulira adilesi ya IP - zapamwamba NAT, kapena PAT. Kuti mukonze PAT, muyenera kutsatira njira zomwezo kuti mukonze NAT yosinthika: dziwani zolowera ndi zotulutsa za rauta, zindikirani kuchuluka kwa magalimoto "osangalatsa", pangani dziwe la NAT, ndikusintha PAT. Titha kupanga dziwe lomwelo la maadiresi angapo monga momwe zinalili kale, koma izi sizofunikira chifukwa PAT imagwiritsa ntchito adilesi yakunja yomweyo nthawi zonse. Kusiyana kokha pakati pa kukonza NAT yamphamvu ndi PAT ndi mawu osakira omwe amathetsa lamulo lomaliza la kasinthidwe. Mukalowetsa mawuwa, NAT yosinthika imasandulika kukhala PAT.
Komanso, mumangogwiritsa ntchito adilesi imodzi yokha mu dziwe la NWKING, mwachitsanzo 200.124.22.1, koma tchulani kawiri ngati adilesi yakunja yoyambira ndi yomaliza yokhala ndi chigoba cha 255.255.255.0. Mutha kuchita izi mosavuta pogwiritsa ntchito mawonekedwe a gwero ndi adilesi yokhazikika 1 ya mawonekedwe a G200.124.22.1/200.124.22.1 m'malo mwa ip nat 255.255.255.0 dziwe NWKING 200.124.22.1 0 netmask 1 mzere. Pamenepa, maadiresi onse akumaloko mukalowa pa intaneti adzasinthidwa kukhala adilesi ya IP iyi.
Mutha kugwiritsanso ntchito adilesi ina iliyonse ya IP padziwe, zomwe sizikugwirizana kwenikweni ndi mawonekedwe enieni. Komabe, munkhaniyi, muyenera kuwonetsetsa kuti ma routers onse pamaneti amatha kutumiza magalimoto obwerera ku chipangizo chomwe mwasankha. Zoyipa za NAT ndikuti sizingagwiritsidwe ntchito kumapeto mpaka kumapeto, chifukwa panthawi yomwe paketi yobwerera imabwerera ku chipangizo chapafupi, adilesi yake ya NAT IP yamphamvu ikhoza kukhala ndi nthawi yosintha. Ndiye kuti, muyenera kutsimikiza kuti adilesi ya IP yomwe mwasankha ikhalabe ikupezeka nthawi yonse yolumikizana.
Tiyeni tiwone izi kudzera pa Packet Tracer. Choyamba ndiyenera kuchotsa NAT yosunthika ndi lamulo loti palibe Ip nat mkati mwa mndandanda wa gwero 1 NWKING ndikuchotsa dziwe la NAT ndi lamulo la no Ip nat pool NWKING 200.124.22.1 200.124.22.2 netmask 225.255.255.252.
Ndiye ndiyenera kupanga PAT dziwe ndi lamulo Ip nat dziwe NWKING 200.124.22.2 200.124.22.2 netmask 225.255.255.255. Nthawi ino ndikugwiritsa ntchito adilesi ya IP yomwe siili ya chipangizo chakuthupi chifukwa chipangizo chakuthupi chili ndi adilesi ya 200.124.22.1 ndipo ndikufuna kugwiritsa ntchito 200.124.22.2. Kwa ife zimagwira ntchito chifukwa tili ndi netiweki yakomweko.
Kenako, ndimakonza PAT ndi lamulo Ip nat mkati mwa gwero mndandanda 1 dziwe NWKING overload. Mukalowetsa lamuloli, kumasulira kwa adilesi ya PAT kumatsegulidwa. Kuti muwone kuti khwekhwe ndi lolondola, ndimapita ku zipangizo zathu, seva ndi makompyuta awiri, ndi ping PC0 Router1 pa 200.124.22.10 kuchokera pa kompyuta. Muwindo la zoikamo rauta, mukhoza kuona mizere yowonongeka yomwe imasonyeza kuti gwero la ping, monga momwe timayembekezera, ndi IP adilesi 200.124.22.2. Ping yotumizidwa ndi kompyuta PC1 ndi seva Server0 imachokera ku adilesi yomweyo.
Tiyeni tiwone zomwe zimachitika pagawo lomasulira la Router0. Mutha kuwona kuti zomasulira zonse zikuyenda bwino, chipangizo chilichonse chimapatsidwa doko lake, ndipo ma adilesi onse am'deralo amalumikizidwa ndi Router1 kudzera pa adilesi ya IP ya dziwe 200.124.22.2.
Ndimagwiritsa ntchito chiwonetsero cha ip nat statistics kuti ndiwone ziwerengero za PAT.
Tikuwona kuti chiwerengero chonse cha otembenuka, kapena kumasulira maadiresi, ndi 12, tikuwona mawonekedwe a dziwe ndi zina.
Tsopano ndichita china - ndilowetsa lamulo la Ip nat mkati mwa gwero 1 mawonekedwe a gigabit Ethernet g0/1 overload. Ngati mutayimba rauta kuchokera ku PC0, mudzawona kuti paketiyo idachokera ku adilesi 200.124.22.1, ndiko kuti, kuchokera ku mawonekedwe akuthupi! Iyi ndi njira yosavuta: ngati simukufuna kupanga dziwe, lomwe nthawi zambiri limachitika mukamagwiritsa ntchito ma routers apanyumba, ndiye kuti mutha kugwiritsa ntchito adilesi ya IP ya mawonekedwe akuthupi a rauta ngati adilesi yakunja ya NAT. Umu ndi momwe adilesi yanu yachinsinsi yapaintaneti yapagulu imamasuliridwa nthawi zambiri.
Lero taphunzira mutu wofunika kwambiri, choncho muyenera kuuchita. Gwiritsani ntchito Packet Tracer kuyesa chidziwitso chanu cham'malingaliro motsutsana ndi zovuta za kasinthidwe ka NAT ndi PAT. Tafika kumapeto kwa kuphunzira mitu ya ICND1 - mayeso oyamba a maphunziro a CCNA, kotero ine mwina ndipereka phunziro lotsatira la kanema kuti ndifotokoze mwachidule zotsatira.
Zikomo chifukwa chokhala nafe. Kodi mumakonda zolemba zathu? Mukufuna kuwona zambiri zosangalatsa? Tithandizeni potipatsa oda kapena kulimbikitsa anzathu, 30% kuchotsera kwa ogwiritsa ntchito a Habr pa analogi yapadera yamaseva olowera, omwe tinapangira inu: (ikupezeka ndi RAID1 ndi RAID10, mpaka 24 cores mpaka 40GB DDR4).
Dell R730xd 2 nthawi zotsika mtengo? Pokhapokha ku Netherlands! Dell R420 - 2x E5-2430 2.2Ghz 6C 128GB DDR3 2x960GB SSD 1Gbps 100TB - kuchokera $99! Werengani za
Source: www.habr.com