1 Jan 2010

NAT Order of Operation

To summarize, there's the old way of NATting (domain-based NAT) and the new way introduced with 12.3(T), NAT Virtual Interface (NVI).

In domain based NAT;
Packets on the outside first get translated then routed.
Packets on the inside interface the routing decision is made first and then the translation and forwarding.

In NVI based NAT
The translation/routing is done in a symmetric manner. Routing lookup is performed twice. First to send the packet to NVI, second to route packet using the post-translated addresses.

References: The Inside and Outside of Nat : CCIE Journey
NAT Order of Operation @ Cisco

No comments:

Post a Comment