Configuration of NAT on a Cisco Router

? For each of the preceding telnet and ping commands, provide an explanation why a command succeeds or fails.
? For each successful telnet session, include the IP header data of an outgoing and an incoming packet header (with respect to the private network)

On PC1: PC1% telnet 10.0.1.3 succeeds as both the hosts are in the same local network. No port or IP address mapping takes place. PC1% telnet 128.143.136.1 succeeds as NATP (Network Address and Port Translation) takes place. The NAT router maps the port numbers and IP addresses of the hosts within the private network to a global IP address and a unique NAT port number. The IP address translation is evident from the following IP header dump on eth0 and eth1 interfaces.
```
Internet Protocol, Src Addr: 10.0.1.2 (10.0.1.2), Dst Addr: 128.143.136.1
(128.143.136.1)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 60
Identification: 0xe763
Flags: 0x04
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x40b6 (correct)
Source: 10.0.1.2 (10.0.1.2)
Destination: 128.143.136.1 (128.143.136.1)
Transmission Control Protocol, Src Port: 32774 (32774), Dst Port: telnet (23), Seq:
1857633137, Ack: 0, Len: 0
Source port: 32774 (32774)
Destination port: telnet (23)
Sequence number: 1857633137
Header length: 40 bytes
Flags: 0x0002 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Window size: 5840
Checksum: 0x183f (correct)
Options: (20 bytes)
Maximum segment size: 1460 bytes
SACK permitted
Time stamp: tsval 777234, tsecr 0
NOP
Window scale: 0 (multiply by 1)

Internet Protocol, Src Addr: 128.143.136.22 (128.143.136.22), Dst Addr:
128.143.136.1 (128.143.136.1)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 60
Identification: 0xe763
Flags: 0x04
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 63
Protocol: TCP (0x06)
Header checksum: 0x4312 (correct)
Source: 128.143.136.22 (128.143.136.22)
Destination: 128.143.136.1 (128.143.136.1)
Transmission Control Protocol, Src Port: 32774 (32774), Dst Port: telnet (23), Seq:
1857633137, Ack: 0, Len: 0
Source port: 32774 (32774)
Destination port: telnet (23)
Sequence number: 1857633137
Header length: 40 bytes
Flags: 0x0002 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Window size: 5840
Checksum: 0x199b (correct)
Options: (20 bytes)
Maximum segment size: 1460 bytes
SACK permitted
Time stamp: tsval 777234, tsecr 0
NOP
Window scale: 0 (multiply by 1)
```
On Router1:
Router1# telnet 10.0.1.2 succeeds as both the hosts are in the same local network. No port or IP address mapping takes place.
Router1# telnet 128.143.136.1
succeeds as NATP (Network Address and Port Translation) takes place. The NAT router maps the port numbers and IP addresses of the hosts within the private network to the global IP address and a unique NAT port number. The IP address translation is evident from the following IP header dump on eth0 and eth1 interfaces.
```
Internet Protocol, Src Addr: 10.0.1.3 (10.0.1.3), Dst Addr: 128.143.136.1
(128.143.136.1)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0xc0 (DSCP 0x30: Class Selector 6; ECN: 0x00)
1100 00.. = Differentiated Services Codepoint: Class Selector 6 (0x30)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 44
Identification: 0x0000
Flags: 0x00
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 255
Protocol: TCP (0x06)
Header checksum: 0xa878 (correct)
Source: 10.0.1.3 (10.0.1.3)
Destination: 128.143.136.1 (128.143.136.1)
Transmission Control Protocol, Src Port: 11002 (11002), Dst Port: telnet (23), Seq:
128567105, Ack: 0, Len: 0
Source port: 11002 (11002)
Destination port: telnet (23)
Sequence number: 128567105
Header length: 24 bytes
Flags: 0x0002 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Window size: 4128
Checksum: 0x7f13 (correct)
Options: (4 bytes)
Maximum segment size: 536 bytes

Internet Protocol, Src Addr: 128.143.136.22 (128.143.136.22), Dst Addr:
128.143.136.1 (128.143.136.1)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0xc0 (DSCP 0x30: Class Selector 6; ECN: 0x00)
1100 00.. = Differentiated Services Codepoint: Class Selector 6 (0x30)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 44
Identification: 0x0000
Flags: 0x00
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 254
Protocol: TCP (0x06)
Header checksum: 0xaad5 (correct)
Source: 128.143.136.22 (128.143.136.22)
Destination: 128.143.136.1 (128.143.136.1)
Transmission Control Protocol, Src Port: 11002 (11002), Dst Port: telnet (23), Seq:
128567105, Ack: 0, Len: 0
Source port: 11002 (11002)
Destination port: telnet (23)
Sequence number: 128567105
Header length: 24 bytes
Flags: 0x0002 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Window size: 4128
Checksum: 0x8070 (correct)
Options: (4 bytes)
Maximum segment size: 536 bytes
```
On PC4:
PC4% telnet 10.0.1.2
The telnet session is not successful as the host 10.0.1.2 lies in the private network and hence is not visible to any machine in the public network. Moreover there is no direct entry for any such network in PC4’s routing table. Also it does not have an entry for a default gateway. Hence the command doesn’t succeed.

Computer Science & Information Technology

You might also like to view...

Which of the following is NOT a category of suspicious TCP/IP packet?

A. bad header information B. single-packet attacks C. suspicious data payload D. suspicious CRC value

View

Computer Science & Information Technology

Which is not an advantage of the peer-to-peer network?

A) Centralized network security B) User-controlled resource sharing C) Low cost D) Easy to set up

View

Computer Science & Information Technology

A(n) _____ is a graphical model of an information system that depicts the logical relationships and interaction among system entities.

A. entity-relationship diagram (ERD) B. illustration flow chart C. query relationship diagram (QRD) D. data chart

View

Computer Science & Information Technology

The size of a thread pool in Windows XP is ________.

a) constant and specified by the programmer for each process b) constant for all processes on a system c) variable, modified by the system in response to the volume of requests d) all of the above are possible

View

Computer Science & Information Technology