Causes NAT table entries to be created

Causes NAT table entries to be created

What does CIDR stand for?

a. Classful IP default routing

b. Classful IP D-class routing

c. Classful interdomain routing

d. Classless IP default routing

e. Classless IP D-class routing

f. Classless interdomain routing

·         F (Classless interdomain routing) . The word classless in this term refers to the fact that the routes advertise a block of addresses with a mask, and can essentially ignore the Class A, B, and C boundaries with regard to what address block is used. Also, because the motivation was to describe routes between different companies (different routing domains), the term uses the word interdomain.

Which of the following summarized subnets represent routes that could have been created for CIDR's goal to reduce the size of Internet routing tables?

a. 10.0.0.0 255.255.255.0

b. 10.1.0.0 255.255.0.0

c. 200.1.1.0 255.255.255.0

d. 200.1.0.0 255.255.0.0

·         D (200.1.0.0 255.255.0.0 ) . CIDR's original intent was to allow the summarization of multiple Class A, B, and C networks to reduce the size of Internet routing tables. Of the answers, only 200.1.0.0 255.255.0.0 summarizes multiple networks.

Which of the following are not private addresses according to RFC 1918? (Choose two answers.)

a. 172.31.1.1

b. 172.33.1.1

c. 10.255.1.1

d. 10.1.255.1

e. 191.168.1.1

·         B (172.33.1.1) and E (191.168.1.1 ) . RFC 1918 identifies private network numbers. It includes Class A network 10.0.0.0, Class B networks 172.16.0.0 through 172.31.0.0, and Class C networks 192.168.0.0 through 192.168.255.0.

With static NAT, performing translation for inside addresses only, what causes NAT table entries to be created?

a. The first packet from the inside network to the outside network

b. The first packet from the outside network to the inside network

c. Configuration using the ip nat inside source command

d. Configuration using the ip nat outside source command

·         C (Configuration using the ip nat inside source command) . With static NAT, the entries are statically configured. Because the question mentions translation for inside addresses, the inside keyword is needed in the command.

With dynamic NAT, performing translation for inside addresses only, what causes NAT table entries to be created?

a. The first packet from the inside network to the outside network

b. The first packet from the outside network to the inside network

c. Configuration using the ip nat inside source command

d. Configuration using the ip nat outside source command

·         A (The first packet from the inside network to the outside network) . With dynamic NAT, the entries are created as a result of the first packet flow from the inside network.

NAT has been configured to translate source addresses of packets for the inside part of the network, but only for some hosts as identified by an access control list. Which of the following commands indirectly identifies the hosts?

a. ip nat inside source list 1 pool barney

b. ip nat pool barney 200.1.1.1 200.1.1.254 netmask 255.255.255.0

c. ip nat inside

d. ip nat inside 200.1.1.1 200.1.1.2

·         A (ip nat inside source list 1 pool barney) . The list 1 parameter references an IP ACL, which matches packets, identifying the inside local addresses.

Examine the following configuration commands:

interface Ethernet0/0

ip address 10.1.1.1 255.255.255.0

ip nat inside

interface Serial0/0

ip address 200.1.1.249 255.255.255.252

ip nat inside source list 1 interface Serial0/0

access-list 1 permit 10.1.1.0 0.0.0.255

If the configuration is intended to enable source NAT overload, which of the following commands could be useful to complete the configuration? (Choose two answers.)

a. The ip nat outside command

b. The ip nat pat command

c. The overload keyword

d. The ip nat pool command

·         A (The ip nat outside command) and C (The overload keyword) . The configuration is missing the overload keyword in the ip nat inside source command and in the ip nat outside interface subcommand on the serial interface.

Examine the following show command output on a router configured for dynamic NAT:

-- Inside Source

access-list 1 pool fred refcount 2288

pool fred: netmask 255.255.255.240

start 200.1.1.1 end 200.1.1.7

type generic, total addresses 7, allocated 7 (100%), misses 965

Users are complaining about not being able to reach the Internet. Which of the following is the most likely cause?

a. The problem is not related to NAT, based on the information in the command output.

b. The NAT pool does not have enough entries to satisfy all requests.

c. Standard ACL 1 cannot be used; an extended ACL must be used.

d. The command output does not supply enough information to identify the problem.

·         B (The NAT pool does not have enough entries to satisfy all requests.) . The last line mentions that the pool has seven addresses, with all seven allocated, with the misses counter close to 1000—meaning that close to 1000 new flows were rejected because of insufficient space in the NAT pool.