Home > Archive > 70-216 > August 2001 > NAT Question
| trebor 2001-08-18, 8:01 am |
| Hi,
Boy I thought this forum was desolate, but I have changed my mind after being on the 70-221. The last post there was one week ago and I am the poster.
I am getting a bit confused with Network Address Translation. Here it goes.
As I understand it, NAT cannot exist on the same network as a DHCP server or a Relay Agent. OK, so NAT acts as a mini-DHCP server for that segment. Does that mean that the router separating that segment from the rest of the private network must be bootP compliant, because how else are those machines (on the NAT segment) going to receive their normal IP addresses? Or do those clients (on the NAT segment) have to be satisfied with the mini-DHCP service? | |
| splauber 2001-08-18, 12:03 pm |
| NAT can be used with a DHCP server...you have 2 options with NAT;
the internal addresses are assigned by a real DHCP server or they are assigned by NAT, which uses a virtual DHCP server called an allocator (it offers DHCP without all of the options)
if you want to use a single NAT server for multiple segments separated by a router then you should have a DHCP server on one side with the NAT server and a DHCP relay agent on the other side to resolve address requests, have the DHCP server issue the addresses and then configure NAT to allow the addresses in that entire range..don't forget that you need multiple interfaces (NICs)..one for the gateway out and one for internal resolution. | |
| labelladonna 2001-08-20, 5:44 am |
| Can I configure the router to allow BootP instead of using a relay agent in another subnet? | |
| el duderino 2001-08-20, 4:07 pm |
| Although I haven't done it, I would imagine that configuring the router to pass bootp should work for this. | |
| splauber 2001-08-20, 4:44 pm |
| if your routers are bootp enabled then that basically resolves the issue then...since the clients are going to use dhcp discover, offer etc to get the IPs and they are broadcast based, bootp will pass them...then your original question is no longer an issue | |
| el duderino 2001-08-20, 4:50 pm |
| Hey splauber--quick question for you. Is using the router to pass bootp 'noisier' than using the DHCP relay agent? What I mean is, the DHCP relay agent should send the discover message straight to the DHCP server where the router would broadcast the discover to the subnet where the DHCP server is located, right? Or am I terribly confused? | |
| splauber 2001-08-20, 4:54 pm |
| routers are designed to keep local traffic local. any broadcast message is going to create more noise. a dhcp relay agent gets IP addresses on your behalf by getting from the dhcp server for you..so yes you are correct | |
| el duderino 2001-08-20, 5:04 pm |
| That's what I thought....thanks for the quick reply  | |
| Ricker 2001-08-20, 7:22 pm |
| You're partially correct in assuming that the traffic is more "noisy" when you use a bootp router. In effect, it's no more noisy than using a DHCP relay agent, because that is exactly what a correctly configured router will do when you set up a router to forward that bootp request.
On my cisco 3640 routers, I have 3 of them, I've set them all up to forward the bootp requests to my dhcp server which has a superscope which is comprised of the 3 standard scopes that I have setup for each of the different subnets. Now, on each router I simply use this command:
ip helper-address 10.1.10.x
this means that when the routers see a bootp request or a dhcp request, they forward that request straight to the dhcp HELPER....which is the DHCP Server. VOILA! the request is not a broadcast at that point, it's directed traffic, which is the SAME thing as dhcp relay. NOW, as for windows 2000 routers, that's a different story, I'm not so sure that they don't just forward the broadcast packets to a different network address....which wouldn't surprise me at all considering some of the other stupid things MS has done in the past with networking.
Hope this helps clear up the issue! 
Thanks, | |
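Added example (not part of any post in this thread, and not vendor code): a Python sketch of the relay behaviour described in the post above, in which a broadcast DHCPDISCOVER is rewritten with a gateway address (giaddr), sent as unicast to the helper, and matched to a scope by the server. The helper address 10.1.10.5, the three subnets, the MAC and the hop limit of 4 are constructed values.

```python
import ipaddress
import struct

# BOOTP fixed header (RFC 951/2131): op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file = 236 bytes.
BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
MAGIC = bytes([99, 130, 83, 99])      # DHCP magic cookie
MAX_HOPS = 4                          # assumed relay hop limit
SCOPES = ["10.1.20.0/24", "10.1.30.0/24", "10.1.40.0/24"]  # constructed

def build_discover(mac: bytes, xid: int) -> bytes:
    """Constructed client DHCPDISCOVER as it appears on the local segment."""
    zero = bytes(4)
    hdr = BOOTP.pack(1, 1, 6, 0, xid, 0, 0x8000, zero, zero, zero, zero,
                     mac.ljust(16, b"\0"), b"", b"")
    return hdr + MAGIC + bytes([53, 1, 1, 255])  # option 53 = DISCOVER, end

def relay(packet: bytes, iface_ip: str, helper: str):
    """Rewrite a request the way a relay does before forwarding it.
    Returns (unicast destination, rewritten packet), or None if dropped."""
    f = list(BOOTP.unpack_from(packet))
    if f[0] != 1 or f[3] >= MAX_HOPS:  # only BOOTREQUEST, bounded hop count
        return None
    f[3] += 1                          # hops
    if f[10] == bytes(4):              # only the first relay stamps giaddr
        f[10] = ipaddress.IPv4Address(iface_ip).packed
    return helper, BOOTP.pack(*f) + packet[BOOTP.size:]

def pick_scope(packet: bytes, scopes=SCOPES):
    """Server side: choose the scope whose subnet contains giaddr."""
    giaddr = ipaddress.IPv4Address(BOOTP.unpack_from(packet)[10])
    for net in scopes:
        if giaddr in ipaddress.ip_network(net):
            return net
    return None

if __name__ == "__main__":
    pkt = build_discover(bytes.fromhex("020000000001"), 0x1234)
    dst, fwd = relay(pkt, "10.1.30.1", "10.1.10.5")
    print(dst, pick_scope(fwd))
```
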
| el duderino 2001-08-20, 7:30 pm |
| Ricker, that's an excellent explanation. I only have two subnets, but I have DHCP servers on either side and I was wondering if you could configure the router to direct bootp traffic to a specific IP address on a different subnet.
As for the MS solution, if you were using a 2000 server for routing, it would only take a couple more clicks to set it up for DHCP relay (which forwards directly to the DHCP server), so why not?
Thanks again. Definitely learned something today.  | |
| trebor 2001-08-26, 10:39 am |
| quote: Originally posted by splauber
NAT can be used with a DHCP server...you have 2 options with NAT;
the internal addresses are assigned by a real DHCP server or they are assigned by NAT, which uses a virtual DHCP server called an allocator (it offers DHCP without all of the options)
if you want to use a single NAT server for multiple segments separated by a router then you should have a DHCP server on one side with the NAT server and a DHCP relay agent on the other side to resolve address requests, have the DHCP server issue the addresses and then configure NAT to allow the addresses in that entire range..don't forget that you need multiple interfaces (NICs)..one for the gateway out and one for internal resolution.
Thanks for the great response. I was trying to reconcile what has been said on this thread and what I am reading in Exam Cram for 70-221 (what I am working on now):
"NAT has the following requirements:
-DHCP services are disabled.
-DNS resolution occurs through the NAT server."
Exam Cram |