NAT - Dynamic NAT

1 - Define the POOL of the DESTINATION IPs (Public)
(config)#ip nat pool DESTIN 131.1.12.3 131.1.12.8 prefix-length 24

2 - Define the ACCESS-LIST of the PRIVATE IPs
(config)#access-list 1 permit 10.2.2.0 0.0.0.255

3- Implement the NAT from-ACL-to-POOL IPs
(config)#ip nat inside source list 1 pool DESTIN

Do not forget to configure the "ip nat inside | outside" on the appropriate interfaces!

#sh ip nat translations <- BE SURE TO PING SOMETHING BEFORE YOU CHECK THE TRANSLATIONS:
Pro Inside global      Inside local       Outside local      Outside global
icmp 131.1.12.3:2      10.2.2.2:2         10.1.1.1:2         10.1.1.1:2
 --- 131.1.12.3        10.2.2.2           ---                ---

NAT - Static NAT

You can do STATIC NAT and just "go out" of the router with a different IP address:
*Traffic sourced from 10.2.2.1 will seem from 131.1.12.3
*Extendable is used if you need 1 LOCAL IP to be mapped to Various Public IPs
(config)#ip nat inside source static 10.2.2.1 131.1.12.3 [extendable]

Be sure to DEFINE the NAT INTERFACES:
(config)#int lo0 <- PRIVATE IP
(config-if)#ip nat inside

(config-if)#int s0/1/0.21 <- PUBLIC (Global) IP
(config-subif)#ip nat outside

#sh ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
--- 131.1.12.3         10.2.2.1           ---                ---

Inside Local - Private IP of the host in your Network
Inside Global - Public IP that outside network sees your hosts as
Outside Local - How the local network sees IP of the remote host
Outside Global - Public IP of the remote host

If you want to do NAT for a SUBNET:
(config)#ip nat inside source static network 10.2.2.0 200.2.2.0 /24

Is SDN really the future?

For all the Network Engineers out there who, like myself, scream inside whenever someone confidently declares that SDN is the future - Don´t panic... But DO consider expanding your skill set with a bit of Scripting/ Process Automation and similar... just in case.

*this article was originally published by networkworld.com

"We are seeing clients looking to hire a lot more DevOps people, because they need folks not just with a tactical, technical skillset, but with the ability to collaborate and coordinate business efforts across different departments," says Laura McGarrity, vice president of marketing for Mondo, an IT recruiting, hiring, and consulting firm.

"Our clients are hearing the terms 'SDN' and 'DevOps' a lot, and they want to find out what DevOps means, how and where to place these positions in their organizations, and whether to hire from outside or to mold talent from within," says Felix Fermin, senior technical recruiter at Mondo.

SDNs essentially automate networking functions. By removing the intelligence from traditional networking hardware and delegating network decision-making capabilities to the server, the data layer (the actual information traveling on a network) is decoupled from the control layer (the technology that determines how, when, and where that information flows), and each layer is automated.

This means independent control of each layer is possible without either the expensive, complicated hardware and software (e.g., routers and switches) or the highly skilled professionals who manage those devices, says Steve Shah, senior director of product management, of the Netscaler group at Citrix.

This push toward automation is a crucial element of SDN technology and one of the main reasons DevOps experience will be in high demand, says Shah.

"The kind of expertise you'll look for is no longer a hard-core, specialized programmer who focuses on individual devices and pieces of the network, but someone who can write code or scripts to automate processes and actions," Shah says.

"You may have to let people go in order to add new folks with the right skills. You may have to look long and hard, and spend more money to find experienced DevOps people, because you're looking at folks with a programmer's salary and with senior experience." --Steve Shah, senior director of product management, of the Netscaler group at Citrix.

"You need programming and scripting expertise, yes, but also folks with the broader business knowledge to see the entire data center topography and where inefficiencies and bottlenecks are happening - DevOps," Shah says.

Say Goodbye to Network Troubleshooters (YES, This scares the *** out of Network Engineers)

What kind of people have these skills? Higher-level networking pros, middle management types and DevOps people, Shah says. While the conventional argument is that low-level, junior network troubleshooters are all that's needed to keep an automated network running, Shah says the opposite is true.

"I think, contrary to popular belief, that entry-level, network troubleshooters who have expertise only on specific devices will suffer," Shah says.

"What makes an elite networking person special is the ability not just to troubleshoot, but to see the larger network topography, to understand how and why processes are automated, and to perform complicated heuristics to quickly get to the root of the problem," Shah says. "These guys have both a breadth and a depth to their skill set; they know not just how to design and deploy an automated network but also how to troubleshoot and fix problems at the command line. That's valuable."

Kurt Marko, an author, networking consultant and analyst, agrees with Shah's assessment.

"The low-level command line expert's going to go the way of the shell-scripting Linux wizard, or the DOS guy who was really good at writing batch jobs -- in other words, extinct," Marko says.

"With SDNs, networking devices are becoming so much more programmable with higher-level languages, and the networking guys are going to have to reskill to learn automation tools, scripting languages and the like," Marko says.

A First Time for Everything.

There's some uncertainty involved in making such a huge shift, and the technology and hiring decisions may be different for each company, Citrix's Shah says. That's where having a DevOps strategy, even if it's vague, can be helpful.

"Many times CIOs are encountering the need to hire DevOps folks for the first time, and there's by no means one simple way to go about fulfilling this new demand," Shah says. "Businesses should be asking, 'Where do I put them? How do I find system administrators who can write code? Or programmers who understand the larger IT landscape? We have ERP or CRM programmers on staff already - do we go with what we've got, invest in additional education for them, and promote them? Or should we hire some hard-core programmers and try and teach them the business side?'," Shah says.

Many organizations are asking these same questions, says Mondo's Fermin. While some of Mondo's clients are looking to hire DevOps professionals, Fermin says, many are simply in the early stages of assessing whether or not such positions will be valuable to their business.

That said, the sudden spike in interest from clients has Mondo predicting a strong demand for SDN-related skillsets and DevOps professionals into 2014.

There's no right or wrong approach, says McGarrity, so for now Mondo is tackling the issue from both sides: counseling candidates on how to beef up existing skills or add new ones that are applicable to these kinds of positions, and on the hiring side advising clients on which skills to look for, or how to identify and mold talent from within, she says.

Those decisions are unique to the needs of each business, but Citrix's Shah notes that these hard questions can lead to some hard decisions.

"You may have to let people go in order to add new folks with the right skills. You may have to look long and hard, and spend more money to find experienced DevOps people, because you're looking at folks with a programmer's salary and with senior experience," he says.

You also must remember that DevOps folks need to be involved in higher-level business decisions so they can create software and automation processes that can act in concert with or react quickly to changing business requirements, he says.

The bottom line is that both businesses and technology professionals must accept and adapt to the new landscape of an automated data center, including SDNs, says Marko.

In this sense, the advent of SDNs follows the trajectory of other disruptive IT technologies.

"Server administrators had to learn virtualization technologies. Networking guys are going to have to do the same, now," Marko says. "While there's still some value in these high-level, specialized networking skill sets, these professionals are going to have to adapt to whatever new skills are necessary, or be out of a job," he says.

A must read:
Isaac Asimov - The Last Question
http://filer.case.edu/dts8/thelastq.htm

Most Popular Posts