NAT 多对多地址映射

多对多地址映射：

多个内网地址使用访问控制列表来定义：（只是定义了地址范围，不要应用到接口下）

多个外网地址使用地址池来定义。

如下拓扑:

首先搭建试验环境：

PC1:192.168.1.2

PC2:192.168.1.3

PC3:192.168.1.4

R0路由器上：

配置：

Router>en

Router#confi t

Router(config)#host R1

R1(config)#int fa0/0

R1(config-if)#ip add 192.168.1.1 255.255.255.0

R1(config-if)#no shut

R1(config-if)#int s0/0

R1(config-if)#ip add 222.222.222.1 255.255.255.0

R1(config-if)#clock rate 56000

R1(config-if)#no shut

R1(config-if)#int s0/1

R1(config-if)#exit

R1(config)#int fa0/0

R1(config-if)#ip nat inside

R1(config-if)#int s0/0

R1(config-if)#ip nat outside

R1(config-if)#access-list 1 permit 192.168.1.0 0.0.0.255

R1(config)#ip nat pool xiaoxiao 222.222.222.3 222.222.222.13 netmask 255.255.255.0

R1(config)#ip nat inside source list 1 pool xiaoxiao 多对多映射

R2：

Router>en

Router#confi t

Router(config)#host R2

R2(config)#int s0/1

R2(config-if)#ip add 222.222.222.2 255.255.255.0

R2(config-if)#no shut

R2(config-if)#int fa0/0

R2(config-if)#ip add 111.111.111.1 255.255.255.0

R2(config-if)#no shut

R2(config-if)#exit

R2(config)#line vty 0 4

R2(config-line)#password 12

R2(config-line)#login

R2(config-line)#exit

R2(config)#enable password 123

PC5：111.111.111.2 bbs.ipdata.cn web服务器

测试：PC1

PC>ping 111.111.111.2

Pinging 111.111.111.2 with 32 bytes of data:

Request timed out.

Reply from 111.111.111.2: bytes=32 time=125ms TTL=126

Reply from 111.111.111.2: bytes=32 time=109ms TTL=126

Reply from 111.111.111.2: bytes=32 time=109ms TTL=126

Ping statistics for 111.111.111.2:

Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),

Approximate round trip times in milli-seconds:

Minimum = 109ms, Maximum = 125ms, Average = 114ms

Pc2:

PC>telnet 111.111.111.1

Trying 111.111.111.1 ...

User Access Verification

Password:

Password:

R2>en

Password:

Password:

Password:

R2#

R2#

R2#

PC3:

R1上的现象：

NAT: s=192.168.1.2->222.222.222.3, d=111.111.111.2[1]

NAT: s=192.168.1.2->222.222.222.3, d=111.111.111.2[1]

NAT*: s=111.111.111.2, d=222.222.222.3->192.168.1.2[1]

NAT: s=192.168.1.2->222.222.222.3, d=111.111.111.2[1]

NAT*: s=111.111.111.2, d=222.222.222.3->192.168.1.2[1]

NAT: s=192.168.1.2->222.222.222.3, d=111.111.111.2[1]

NAT*: s=111.111.111.2, d=222.222.222.3->192.168.1.2[1]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT*: s=111.111.111.1, d=222.222.222.4->192.168.1.3[2]

NAT: s=192.168.1.3->222.222.222.4, d=111.111.111.1[2]

NAT: s=192.168.1.4->222.222.222.5, d=111.111.111.2[3]

NAT*: s=111.111.111.2, d=222.222.222.5->192.168.1.4[3]

NAT: s=192.168.1.4->222.222.222.5, d=111.111.111.2[3]

NAT*: s=111.111.111.2, d=222.222.222.5->192.168.1.4[3]

NAT: s=192.168.1.4->222.222.222.5, d=111.111.111.2[3]

NAT: s=192.168.1.4->222.222.222.5, d=111.111.111.2[3]

NAT*: s=111.111.111.2, d=222.222.222.5->192.168.1.4[3]

NAT*: s=111.111.111.2, d=222.222.222.5->192.168.1.4[3]

NAT: s=192.168.1.4->222.222.222.5, d=111.111.111.2[3]

NAT: s=192.168.1.4->222.222.222.5, d=111.111.111.2[3]

NAT*: s=111.111.111.2, d=222.222.222.5->192.168.1.4[3]

NAT*: s=111.111.111.2, d=222.222.222.5->192.168.1.4[3]

NAT: s=192.168.1.4->222.222.222.5, d=111.111.111.2[3]

R1#show ip nat tra

R1#show ip nat translations

Pro Inside global Inside local Outside local Outside global

--- 222.222.222.3 192.168.1.2 --- ---

--- 222.222.222.4 192.168.1.3 --- ---

--- 222.222.222.5 192.168.1.4 --- ---

多对多，试验完成。。