Free Play Labs – CCNA Vol 2, Chapter 10
Welcome to the last post in the CCNA Cert Guide Packet Tracer Lab series!
These posts each feature one chapter from the CCNA Official Cert Guide, specifically chapters for which you can use Cisco Packet Tracer to replicate the examples in the chapter. In this case, Chapter 10 of the CCNA Cert Guide, Volume 2 discusses Network Address Translation. You can repeat the examples – but Packet Tracer does differ from real gear in meaningful ways. Take a look at this post for hints and tips on how to proceed!
Book: CCNA 200-301 OCG, Volume 1
Title: Network Address Translation
What’s in This Post
Chapter Intro: A brief description of the topics in that chapter of the book.
Download Link: Links to a ZIP; the ZIP holds all the .PKT files for this chapter.
Table of PKT files, by Example: A table that lists each example in the chapter, with the files supplied for each. Also lists a note about whether the PKT topology matches the book example exactly or not.
Tips: When we build the files, we come across items that we think might confuse you when trying the examples with PT. We write those notes in this section!
Chapter 10 of the CCNA 200-301 Official Cert Guide, Volume 2 discusses concepts and configuration related to Network Address Translation (NAT). The chapter moves from the basic options to the more detailed ones: from static NAT, to dynamic 1:1 NAT, and then to Port Address Translation (PAT), which provides a 65536:1 ratio of private:public addresses used. The chapter takes a pretty straightforward approach, adding a little more detail with each more advanced feature.
Interestingly, Cisco Packet Tracer’s NAT-related show commands show incorrect output with the more basic features. For instance, the show ip nat translations command – useful to build an understanding of what NAT does – shows data as if you had configured NAT with PAT – even if you do not configure NAT. The configuration does generally follow what real routers allow, but take care to look at the per-example notes below, trust the book’s examples for device-realistic output (taken from real Cisco devices), and be a bit skeptical of NAT show commands in PT.
Download the Packet Tracer ZIP File
One .PKT File – But Maybe Two (Duplicate) Topologies
When building the content for this post, we review the examples in the book and decide whether it makes sense to supply a Packet Tracer (.pkt) file to match the example. If we choose to support an example by supplying a matching .pkt file, the .pkt file includes a topology that matches the example as much as possible. It also includes the device configurations as they should exist at the beginning of the example.
In some cases, the .pkt file shows two instances of the lab topology – one above and one below. We include two such topologies when the book example includes configuration commands, for these purposes:
- Top/Initial: The topology at the top has the configuration state at the beginning of the example.
- Bottom/Ending: The topology at the bottom adds the configuration per the example, so that it mimics the configuration at the end of the example.
Table of .PKT Files, by Example
| .PKT Includes Initial State of Example? | .PKT Also Includes Ending State of Example? | Exact Match of Interface IDs? |
The example begins with a show running-config command that confirms static NAT has already been configured, so the .pkt file has already configured the static NAT commands shown in the example.
The PT output for the example’s second command, show ip nat translation, will match temporarily. PT shows correct output before any user traffic is generated. However, if you generate traffic that uses the (simulated) NAT feature, the output expands to show output as if you had configured NAT/PAT. For instance, from PC1, issue a ping 220.127.116.11 command to ping the server in the Internet. Then repeat the show ip nat translation command to see the expanded (and incorrect) output.
The example lists only the output of a show running-config command that confirms dynamic NAT has already been configured, so the .pkt file begins with those commands pre-configured.
The example begins with dynamic NAT pre-configured per Example 10-2. The example shows the output in the state before any user traffic has been generated; PT happens to mostly mirror the output from real gear (as shown in the book’s example).
In particular, note that the example’s first show command, show ip nat translation, lists null output because no translation table entries have been dynamically added yet. (PT should also list no lines initially, matching the example.)
The second command, show ip nat statistics, lists similar statistics and configuration settings as compared to the book example. However, the PT output has a few fewer lines, with fewer details, in comparison to the example in the book.
The example begins with dynamic NAT pre-configured per Example 10-2.
The example shows output after a user has generated traffic. The book shows the effects of using Telnet. To generate similar traffic in PT, use PC1, choose the web browser app instead of the command prompt, and browse to address 18.104.22.168 (the server in the Internet.) Then reload the page a few times. That should generate enough traffic to cause the command output to look more similar to the output in the example.
PT does diverge from real gear in this case, because the configuration enables NAT without PAT, but the show ip nat translation command lists port numbers, which it should only do if you had configured NAT with PAT. You may want to circle back to this example once you’ve finished all the examples for the chapter.
Note: Sometimes PT shows incorrect output in the show commands for inexplicable reasons. In our testing, a reload of the router, or a power cycle of the router, did not help, but closing the .pkt file and re-opening did.
This example works through a specific sequence of events – a sequence of events which may be difficult to replicate because of Cisco PT’s incorrect output when configured for NAT without PAT. It may not be worth trying, but if you want to attempt it, you can use the .pkt file for Example 10-2.
The example begins with dynamic NAT/PAT pre-configured per Example 10-6.
The command output from show ip nat translation lists port numbers, as it should. However, PT will not match the port numbers (listed after the : ) chosen by real gear.
Note that in real networks, most TCP-based apps keep their TCP connections open for a period of time, so that subsequent packets inside one TCP connection do not require a new NAT table entry. Cisco PT acts as if it stops each TCP connection almost immediately. As a result, if you generate test traffic multiple times, you will see multiple NAT table entries appear. For example, if you use PC1 to web browse to 22.214.171.124, and click “go” several times, you will create several NAT table entries.
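The behavior described above, as an added example (not from the book or this post's .pkt files): a toy PAT table in Python showing why one persistent TCP connection needs a single NAT entry while a new connection per page load adds an entry each time. All addresses are constructed documentation-range values, and the port allocation is a simplification, not the logic of IOS or Packet Tracer.

```python
from itertools import count


class PatTable:
    """Toy PAT (NAT overload) table. Entries linger after use, as they do
    on a router until the idle timeout expires."""

    def __init__(self, global_ip):
        self.global_ip = global_ip
        self.entries = {}            # flow 5-tuple -> inside global port
        self._used = set()           # (proto, port) pairs already handed out
        self._spare = count(1024)    # fallback ports (simplified allocation)

    def translate(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Return (inside global IP, inside global port) for a flow."""
        flow = (proto, src_ip, src_port, dst_ip, dst_port)
        if flow not in self.entries:
            port = src_port          # keep the client's port if it is free
            while (proto, port) in self._used:
                port = next(self._spare)
            self._used.add((proto, port))
            self.entries[flow] = port
        return self.global_ip, self.entries[flow]


def browse(table, inside_ip, server_ip, clicks, keep_alive):
    """Simulate `clicks` page loads; return the resulting table size."""
    ephemeral = count(49152)         # client-side source ports
    for i in range(clicks):
        if i == 0 or not keep_alive:
            # A new TCP connection means a new client source port,
            # which is a new flow and therefore a new NAT entry.
            src_port = next(ephemeral)
        table.translate("tcp", inside_ip, src_port, server_ip, 80)
    return len(table.entries)


# Constructed sample addresses (private inside host, documentation ranges).
INSIDE, GLOBAL, SERVER = "10.1.1.1", "203.0.113.1", "198.51.100.10"

if __name__ == "__main__":
    kept_open = browse(PatTable(GLOBAL), INSIDE, SERVER, 5, keep_alive=True)
    reopened = browse(PatTable(GLOBAL), INSIDE, SERVER, 5, keep_alive=False)
    print(f"connection kept open:       {kept_open} entry")
    print(f"new connection every click: {reopened} entries")
```

The second case is the pattern the PT note describes: every click opens a fresh connection, so the table grows by one entry per click.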