- Posts: 350
- Thank you received: 0
could somone tell me...
18 years 11 months ago #10640
by jwj
-Jeremy-
Replied by jwj on topic Re: could somone tell me...
ISP's are expected to create access lists that filter out private ip addresses as defined in RFC 1918. The reason why these ip address ranges are not internet routable is because the ISP's don't let them be routed. Anyone who manages an internet facing router should also take precautions to filter out incoming private addresses because if you are receiving data from private networks than it can't be a good thing.
Some people take things a step further. There are many networks not allocated as of yet, so some people also take steps to filter out those networks as well. This is known as bogon prefixes. Here's a website that studies this as well as other routing and security issues .
My guess is that this scenario may be technically wrong if the outside NAT address is the internet gateway, but the principle of NAT is correct.
Some people take things a step further. There are many networks not allocated as of yet, so some people also take steps to filter out those networks as well. This is known as bogon prefixes. Here's a website that studies this as well as other routing and security issues .
My guess is that this scenario may be technically wrong if the outside NAT address is the internet gateway, but the principle of NAT is correct.
-Jeremy-
18 years 11 months ago #10641
by jhun
Replied by jhun on topic Re: could somone tell me...
yes i'm also thinking the same way that the given setup is somewhat wrong or either it is given as a hypothetical example just for illustration purposes.
18 years 11 months ago #10650
by rickardo
Replied by rickardo on topic Re: could somone tell me...
thanks chaps ..the reason why I'm so confused is because this example is part of ccna 4 NAT !!!and I couldn't believe they'd make such a blatant mistake :x
18 years 11 months ago #11268
by mew
Replied by mew on topic Re: could somone tell me...
I’m not sure why your instructor could not explain why, I can only guess, as this should be fairly simple (at least to the experienced). Cisco uses all private IP addresses in it’s labs and tests now. I assume that this is to insure that no Academy will accidentally put unauthorized “public” addressed packets on the internet. In the previous CCNA curriculum this was not the case. You should realize that even though only private addresses are used in the curriculum they often represent public IP’s.
The real confusing part is that it depends not only on which course but also which lab you are in as to weather it’s the class A, B or C private addresses that are used to represent the public addresses. An experienced Instructor should be able to tell. Please give a little slack to any inexperience your instructor may have. I’m sure they are doing the best they can.
Sorry, I did not notice/respond to this post earlier.
The real confusing part is that it depends not only on which course but also which lab you are in as to weather it’s the class A, B or C private addresses that are used to represent the public addresses. An experienced Instructor should be able to tell. Please give a little slack to any inexperience your instructor may have. I’m sure they are doing the best they can.
Sorry, I did not notice/respond to this post earlier.
18 years 11 months ago #11285
by rickardo
Replied by rickardo on topic Re: could somone tell me...
no problem,Mew...the diagram was in the cisco 3and 4 companion guide and private addresses are repeatedly put as "inside public",,if you've still got you yours(companion guide) I'll give you the page
Time to create page: 0.127 seconds