CCNA 2 v6 Chapter 9: Check Your Understanding Questions Answers

CCNA 2 v6.0 (Routing & Switching Essentials v6) Chapter 9: NAT for IPv4: Check Your Understanding Questions Answers

1. Typically, which network device is used to perform NAT for a corporate environment?

  • Switch
  • Server
  • DHCP server
  • Router
  • Host device

Explanation: Typically, the translation from private IP addresses to public IP addresses is performed on routers in corporate environments. In a home environment, this device might be an access point that has routing capability or the DSL or cable router.

2. When NAT is employed in a small office, which address type is typically used for hosts on the local LAN?

  • Both private and public IP addresses
  • Global public IP addresses
  • Internet-routable addresses
  • Private IP addresses

Explanation: It is common practice to configure addresses from the 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 ranges.

3. Which version of NAT allows many hosts inside a private network to simultaneously use a single inside global address for connecting to the Internet?

  • Dynamic NAT
  • PAT
  • Port forwarding
  • Static NAT

Explanation: PAT allows many hosts on a private network to share a single public address by mapping sessions to TCP/UDP port numbers.

4. Which type of NAT maps a single inside local address to a single inside global address?

  • Dynamic
  • Overloading
  • Port address translation
  • Static

Explanation: A one-to-one mapping of an inside local address to an inside global address is accomplished through static NAT.

5. What is a disadvantage of NAT?

  • The costs of readdressing hosts can be significant for a publicly addressed network.
  • The internal hosts have to use a single public IPv4 address for external communication.
  • There is no end-to-end addressing.
  • The router does not need to alter the checksum of the IPv4 packets.

Explanation: Many Internet protocols and applications depend on end-to-end addressing from the source to the destination. Because parts of the header of the IP packets are modified, the router needs to alter the checksum of the IPv4 packets. Using a single public IP address allows for the conservation of legally registered IP addressing schemes. If an addressing scheme needs to be modified, it is cheaper to use private IP addresses.

6. How can NAT cause IPsec to fail?

  • End-to-end IPv4 traceability is lost.
  • Header values are modified, which causes issues with integrity checks.
  • Network performance is degraded even more than with just NAT.
  • Troubleshooting is made impossible.

Explanation: IPsec and other tunneling protocols do integrity checks. NAT must modify IP headers to translate private IP addresses to public addresses. Disadvantages of using NAT include causing end-to-end IPv4 traceability to be lost, complicating troubleshooting, and slowing down traffic such as VoIP, which cannot tolerate much delay.

7. Which statement accurately describes dynamic NAT?

  • It always maps a private IP address to a public IP address.
  • It dynamically provides IP addressing to internal hosts.
  • It provides a mapping of internal host names to IP addresses.
  • It provides an automated mapping of inside local to inside global IP addresses.

Explanation: Dynamic NAT provides a dynamic mapping of inside local to inside global IP addresses. NAT is merely the one-to-one mapping of one address to another address without taking into account whether the address is public or private. DHCP is automatic assignment of IP addresses to hosts. DNS is mapping host names to IP addresses.

8. A network administrator configures the border router with the ip nat inside source list 4 pool NAT-POOL global configuration command. What is required to be configured for this particular command to be functional?

  • A VLAN named NAT-POOL to be enabled and active and routed by R1
  • A NAT pool named NAT-POOL that defines the starting and ending public IP addresses
  • An access list named NAT-POOL that defines the private addresses that are affected by NAT
  • An access list numbered 4 that defines the starting and ending public IP addresses
  • ip nat outside to be enabled on the interface that connects to the LAN affected by the NAT

Explanation: For the ip nat inside source list 4 pool NAT-POOL command to work, the following procedure needs to be used beforehand:

  • Create an access list that defines the private IP addresses affected by NAT.
  • Establish a NAT pool of starting and ending public IP addresses by using the ip nat pool command.
  • Use the ip nat inside source list command to associate the access list with the NAT pool.
  • Apply NAT to internal and external interfaces by using the ip nat inside and ip nat outside commands.

9. When dynamic NAT without overloading is being used, what happens if seven users attempt to access a public server on the Internet when only six addresses are available in the NAT pool?

  • All users can access the server.
  • No users can access the server.
  • The first user is disconnected when the seventh user makes the request.
  • The request to the server for the seventh user fails.

Explanation: If all the addresses in the NAT pool have been used, a device must wait for an available address before it can access the outside network.

10. What is the purpose of port forwarding?

  • Port forwarding allows for translating inside local IP addresses to outside local addresses.
  • Port forwarding allows users to reach servers on the Internet that are not using standard port numbers.
  • Port forwarding allows an internal user to reach a service on a public IPv4 address that is located outside a LAN.
  • Port forwarding allows an external user to reach a service on a private IPv4 address that is located inside a LAN.

Explanation: Port forwarding allows a user or program from outside to reach services inside a private network. It is not a technique that allows for using services with nonstandard port numbers. NAT or PAT convert inside IP addresses to outside local addresses.

11. What is a characteristic of unique local addresses?

  • Their implementation depends on ISPs providing the service.
  • They allow sites to be combined without creating address conflicts.
  • They are defined in RFC 3927.
  • They are designed to improve the security of IPv6 networks.

Explanation: Link-local addresses are defined in RFC 3927. Unique local addresses are independent of any ISP and are not meant to improve the security of IPv6 networks.

12. Which prefix is used for IPv6 ULAs?

  • FC00::/7
  • FF02::1:FF00:0/104
  • 2001:DB8:1:2::/64
  • 2001:7F8::/29

Explanation: Unique local addresses (ULA) are similar to private addresses within IPv4. These addresses cannot be routed across the Internet.

13. Which technology would be used on a router that is running both IPv4 and IPv6?

  • Dynamic NAT
  • Dual stack
  • NAT for IPv6
  • Static NAT

Explanation: Dual stack is used when a router has protocols associated with both IPv4 and IPv6 that it must process. Static and dynamic NAT are technologies used in IPv4 to translate private to public addresses. NAT for IPv6 is a generic term that is used when describing the transition of going from IPv4 to IPv6.

14. Which configuration would be appropriate for a small business that has the public IP address of 209.165.200.225/30 assigned to the external interface on the router that connects to the Internet?

  • access-list 1 permit 10.0.0.0 0.255.255.255
    ip nat pool NAT-POOL 192.168.2.1 192.168.2.8 netmask 255.255.255.240
    ip nat inside source list 1 pool NAT-POOL
  • access-list 1 permit 10.0.0.0 0.255.255.255
    ip nat pool NAT-POOL 192.168.2.1 192.168.2.8 netmask 255.255.255.240
    ip nat inside source list 1 pool NAT-POOL overload
  • access-list 1 permit 10.0.0.0 0.255.255.255
    ip nat inside source list 1 interface serial 0/0/0 overload
  • access-list 1 permit 10.0.0.0 0.255.255.255
    ip nat pool NAT-POOL 192.168.2.1 192.168.2.8 netmask 255.255.255.240
    ip nat inside source list 1 pool NAT-POOL overload
    ip nat inside source static 10.0.0.5 209.165.200.225

Explanation: With the ip nat inside source list 1 interface serial 0/0/0 overload command, the router is configured to translate internal private IP addresses in the range of 10.0.0.0/8 to a single public IP address, 209.165.200.225/30. The other options will not work because the IP addresses defined in the pool, 192.168.2.0/28, are not routable on the Internet.

15. What are two of the required steps to configure PAT? (Choose two.)

  • Create a standard access list to define applications that should be translated.
  • Define a pool of global addresses to be used for overload translation.
  • Define the hello and interval timers to match the adjacent neighbor router.
  • Define the range of source ports to be used.
  • Identify the inside interface.

Explanation: The steps that are required to configure PAT are to define a pool of global addresses to be used for overload translation, to configure source translation by using the keywords interface and overload, and to identify the interfaces that are involved in the PAT.

16. What is the group of public IPv4 addresses used on a NAT-enabled router known as?

  • Inside global addresses
  • Inside local addresses
  • Outside global addresses
  • Outside local addresses

Explanation: An inside local address is the address of the source as seen from the inside of the network. An outside global address is the address of the destination as seen from the outside network.

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments