Foundry Switch and Router Installation and Configuration Guide
20 - 16 December 2000
The address 0.0.0.0 0.0.0.0 is the standard notation for an IP default route. The 63.251.295.1 address is the
address of the next-hop gateway for the route. In this case, the next-hop gateway is the Layer 3 Switch’s IP
interface with Internet access router.
The following commands change to the configuration level for port 1/24, configure an IP address on the port, and
enable inside NAT on the port. Port 1/24 connects the Layer 3 Switch to the Layer 2 Switch, which is connected to
the private network containing the NAT clients.
BigIron(config)# interface ethernet 1/24
BigIron(config-if-1/24)# ip address 10.10.10.50 255.255.255.192
BigIron(config-if-1/24)# ip nat inside
BigIron(config-if-1/24)# exit
The following commands change to the configuration level for port 4/1, configure an IP address on the port, and
enable outside NAT on the port. Port 4/1 connects the Layer 3 Switch to the Internet access device.
BigIron(config)# interface ethernet 4/1
BigIron(config-if-4/1)# ip address 63.251.295.46 255.255.255.192
BigIron(config-if-4/1)# ip nat outside
BigIron(config-if-4/1)# exit
The following command saves all the configuration changes above to the Layer 3 Switch’s startup-config file on
flash memory. The Layer 3 Switch applies NAT configuration information as soon as you enter it into the CLI.
Saving the changes to the startup-config file ensures that the changes are reinstated following a system reload.
BigIron(config)# write memory
Private NAT Clients Connected Directly to the Layer 3 Switch
Figure 20.3 shows an example of a NAT configuration in which the NAT clients on the private network are directly
connected to the Layer 3 Switch. The configuration commands are similar to those for the configuration in
“Private NAT Clients Connected to the Layer 3 Switch by a Layer 2 Switch” on page 20-14, except the inside NAT
and outside NAT interfaces are virtual routing interfaces (called virtual interfaces or ”VEs”) instead of physical
ports.
Since all the clients are in the same sub-net, the Layer 3 Switch is configured with a virtual interface to serve as
the inside NAT interface, the Layer 3 Switch’s IP interface for the NAT clients who have private addresses.
The virtual interface is required because you cannot configure IP addresses in the same sub-net on multiple
physical interfaces on the Layer 3 Switch. A virtual interface is a logical interface that allows you to associate the
same IP address (the IP address of the virtual interface) with multiple physical ports.
You can use a virtual interface for routing only when you add the interface to a port-based VLAN. A port-based
VLAN is a separate Layer 2 broadcast domain, a logical Layer 2 Switch within the Foundry device. The Layer 3
Switch uses virtual interfaces to route Layer 3 traffic between port-based VLANs. Thus, this configuration also
includes configuration of separate port-based VLANs for the clients’ inside NAT interface and for the outside NAT
interface.
To Next Page
Loading...
Need help?
General
