Difficulty: Medium
Correct Answer: Dynamic NAT using a pool of global addresses
Explanation:
Introduction / Context:
Cisco NAT supports several distinct modes: static NAT, dynamic NAT and Port Address Translation. The presence of a nat pool statement suggests that dynamic mappings may be created from that pool, but the exact type of NAT in use depends on how the pool is referenced in ip nat inside source commands. Recognising NAT types based on configuration fragments is a common exam and troubleshooting skill.
Given Data / Assumptions:
Concept / Approach:
Static NAT is configured with ip nat inside source static commands and does not use pools. PAT, or NAT Overload, adds the overload keyword to ip nat inside source list or route map commands to allow many inside locals to share a single inside global address via ports. Dynamic NAT uses ip nat inside source list list-number pool pool-name without overload, mapping each inside local to an available address from the pool on a first come first served basis. Therefore, the presence of a nat pool and its use without overload points to dynamic NAT.
Step-by-Step Solution:
Observe that ip nat pool todd-nat defines a named pool of inside global addresses. Pools are typically used for dynamic NAT or PAT, not for static one to one mappings.
Static NAT configurations instead list each mapping individually with ip nat inside source static inside-address outside-address and do not reference pools like todd-nat.
PAT requires the overload keyword, as in ip nat inside source list 1 pool todd-nat overload, to reuse a single address for many translations using ports.
In this scenario, the question specifically mentions that the pool is used without overload, implying that each translation consumes a dedicated global address from the pool.
That behaviour matches the definition of dynamic NAT using a pool of global addresses, where each inside local is dynamically mapped to one of the pool addresses, and the mapping is removed when sessions end.
Verification / Alternative check:
If you configure ip nat inside source list 1 pool todd-nat and then generate traffic from several inside hosts, show ip nat translations will show a series of one to one mappings, each using a different address from 170.168.10.10 through 170.168.10.20. Once the pool is exhausted, additional hosts cannot be translated. This is classic dynamic NAT behaviour and is distinct from PAT, where many hosts can share a single global address.
Why Other Options Are Wrong:
Option a, static one to one NAT, does not use address pools and instead creates fixed individual mappings with static statements.
Common Pitfalls:
Option c, PAT with overload, would require the overload keyword, which is absent in the description and would typically use one or a small number of global addresses rather than a larger range.
Option d, NAT exemption, refers to configurations that bypass NAT for some traffic and does not involve pools in this way.
Option e, outside source static NAT, involves mapping external addresses into the inside network and uses different configuration forms, not the simple inside source pool usage described here.
Common Pitfalls:
Students sometimes assume that any configuration involving a pool must be PAT, but this is not the case. The overload keyword is the key indicator of PAT, whereas a pool without overload indicates dynamic NAT. Always look for both the nat pool statement and how it is referenced in ip nat inside source commands to correctly identify the NAT type.
Final Answer:
The configuration is setting up dynamic NAT using a pool of global addresses when the pool is referenced without overload.
Discussion & Comments