5.4.5 Practice Questions
How many concurrent connections does NAT support?
5,000 NAT supports a limit of 5,000 concurrent connections.
A network device is given an IP address of 172.16.0.55. Which type of network is this device on?
Class B private network A device with the IP address of 172.16.0.55 is on a Class B private network. A private network can use IPv4 addresses in the following ranges that have been reserved for private use (meaning they are not used by hosts on the internet). 10.0.0.0 to 10.255.255.255 (known as Class A private network addresses) 172.16.0.0 to 172.31.255.255 (known as Class B private network addresses) 192.168.0.0 to 192.168.255.255 (known as Class C private network addresses) IPv6 reserves all addresses beginning with a binary 1111 1110 11 (hexadecimal FEC0::/48) for private IP networks. This address range is called the site-local address range.
Which device is NAT typically implemented on?
Gateway router NAT is typically implemented on a default gateway router. AD server, RADIUS server, and ISP Router cannot be used to configure NAT.
At which layer of the OSI model do NAT routers operate?
Layer 3 (Network layer) NAT routers operate at the Network layer (Layer 3) of the OSI Model.
Which of the following does a NAT router use to identify where a host is connected on the switch?
PAT A NAT router uses Port Address Translation (PAT) to associate a port number with a request from a private host. When a return packet comes in, it is sent to the port number specified in the request. The NAT router uses its translation table to determine the private host associated with that port number and forwards the data to the appropriate host. Use dynamic NAT to share public addresses with multiple private hosts. Dynamic NAT allows private hosts to access the internet but does not allow internet hosts to initiate contact with private hosts. Static NAT maps an internal IP address to a static port assignment. Static NAT is typically used to take a server on the private network (such as a web server) and make it available on the internet. IPv4 is the most widely used version of Internet Protocol (IP). It defines IP addresses in a 32-bit format.
You are the network administrator for a small company that implements NAT to access the internet. However, you recently acquired five servers that must be accessible from outside your network. Your ISP has provided you with five additional registered IP addresses to support these new servers, but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network, yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these servers?
Static Static translation consistently maps an unregistered IP address to the same registered IP address on a one-to-one basis. Static NAT is particularly useful when a device needs to be assigned the same address so it can be accessed from outside the network, such as web servers and other similar devices. Dynamic translation would not work for these servers because it maps an unregistered host IP address to any available IP address configured in a pool of one or more registered IP addresses. Accessing a server assigned one of these addresses would be nearly impossible because the addresses are still shared by multiple hosts.
You want to connect your small company network to the internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. Which type of Network Address Translation (NAT) should you implement?
Dynamic Use dynamic NAT to share public addresses with multiple private hosts. Dynamic NAT allows private hosts to access the internet but does not allow internet hosts to initiate contact with private hosts.
Which NAT implementation assigns two IP addresses to the public NAT interface, allowing traffic to flow in both directions?
Dynamic and static Dynamic and static NAT can be implemented together. Using this implementation, two IP addresses are given to the public NAT interface (one for dynamic NAT and one for static NAT). This allows traffic to flow in both directions. Use dynamic NAT to share public addresses with multiple private hosts. Dynamic NAT allows private hosts to access the internet but does not allow internet hosts to initiate contact with private hosts. Static NAT maps an internal IP address to a static port assignment. Static NAT is typically used to take a server on the private network (such as a web server) and make it available on the internet. The NAT router uses Port Address Translation (PAT) to associate a port number with a request from a private host.
You have a small network at home that is connected to the internet. On your home network, you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a web server and allow internet hosts to contact the server to browse a personal website. What should you use to allow access?
Static NAT Static NAT maps an internal IP address to a static port assignment. Static NAT is typically used to take a server on the private network (such as a web server) and make it available on the internet. External hosts contact the internal server using the public IP address and the static port. Using a static mapping allows external hosts to contact internal hosts. Dynamic NAT automatically maps internal IP addresses with a dynamic port assignment. On the NAT device, the internal device is identified by the public IP address and the dynamic port number. Dynamic NAT allows internal (private) hosts to contact external (public) hosts, but not vice versa. External hosts cannot initiate communications with internal hosts. DNS records associate a host name with an IP address. With multicast, a single data stream can be forwarded to all computers that are members of the same multicast group.
Which problem does NAT help address?
The shortage of IPv4 addresses Network Address Translation helps address the shortage of registered IPv4 addresses. A NAT router translates multiple private addresses into a single registered IP address. The internet is classified as a public network. All devices on a public network must have a registered IP address assigned by an Internet Service Provider (ISP). NAT does not address any issues in this process. There is no shortage of IPv6 addresses. NAT can cause IPSec to malfunction because NAT changes packet headers. IPSec detects changes to packet headers as part of the security process.