Which of the following is a reason to use the roundrobin assignment feature of dynamic PAT addresses?
(Select the best answer.)
A.
You want to send traffic to more than one remote device.
B.
You want to map a single internal IP address to a single routable IP address.
C.
You want to prevent the misinterpretation of traffic as a DoS attack.
D.
You want to use a single mapped routable address.
Explanation:
You would use the roundrobin assignment feature of dynamic Port Address Translation (PAT) addresses if you
want to prevent the misinterpretation of traffic as a Denial of Service (DoS) attack. Dynamic PAT is a form of
Network Address Translation (NAT) that enables IP source addresses to be translated from many unique IP
addresses to one of a pool of routable IP address. NAT is most often used to conserve routable IP addresses
on the public side of a NAT router. When PAT is configured, an inside local address, along with a port number,
is typically mapped to a single inside global address. The NAT router uses port numbers to keep track of which
packets belong to each host.
Dynamic PAT is capable of mapping internal source addresses to more than one routable IP address. Some
security appliances could mistake a large number of packets from a single IP address as a DoS attack attempt.
Therefore, dynamic PAT supports the use of roundrobin to enable internal IP source addresses to map to more
than just one routable IP source address. By using dynamic PAT’s roundrobin assignment of IP addresses, the
risk of misidentification of large amounts of traffic as a DoS attack can be mitigated.
You could use PAT if you wanted to translate many internal addresses to a single routable IP address.
However, you would not need to use the dynamic PAT roundrobin feature to achieve this task. Roundrobin is
used to cycle through a pool of routable IP addresses instead of translating to a single routable IP address.
You would use static NAT to map a single internal IP address to a single routable IP address. Static NAT
translates a single inside local IP address to a single inside global IP address? the static mapping is
permanently present in the NAT translation table. It is therefore possible for someone on an outside network to
access a device on an inside network by using its inside global IP address.
You would not need to use dynamic PAT if you want to send traffic to more than one remote device. PAT
neither specifically enables nor specifically prevents the sending of traffic from one device to multiple remote
devices.Cisco: Information About NAT: Dynamic PAT: Dynamic PAT Disadvantages and Advantages