11.2 NAT Operation
11.2.6 Handling overlapping networks

The figure illustrates NAT operation when addresses in the inside network overlap with addresses in the outside network. The steps in the following list correspond to the numbered NAT operation steps shown in the figure:

  1. The user at 10.1.1.1 opens a connection to host C (10.1.1.3), and 10.1.1.1 does a name-to-address lookup on a DNS server.

  2. If there is an address overlap, the router intercepts the DNS reply and translates the returned address. In this case, 10.1.1.3 overlaps with an inside address. To translate the return address of host C, the router creates a simple translation entry that maps the overlapping address 10.1.1.3 to an address from a separately configured outside local address pool. In this example, the address is 193.3.3.3.

  3. The router then forwards the DNS reply to 10.1.1.1. The reply has the address of host C as 193.3.3.3. At this point, 10.1.1.1 opens a connection to 193.3.3.3.

  4. When the router receives the packet for host C, the router sets up a translation that maps the inside local and inside global addresses and the outside global and outside local addresses. The router replaces the source address of 10.1.1.1 with the inside global address of 192.2.2.2, and replaces the destination address of 193.3.3.3 with the outside global address 10.1.1.3 of host C.

  5. Host C receives a packet and continues the conversation.

For each packet sent between 10.1.1.1 and host C, the router does a lookup, replaces the destination address with the inside local address, and replaces the source address with the outside local address.
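The steps above as a small Python model, added here as an example and not taken from the original page or from any router implementation. The class and method names, the /24 inside prefix, and the one-address pools are assumptions; the addresses are the ones used in the steps.

```python
import ipaddress

# Inside network; the /24 prefix length is an assumption (the page gives only host addresses).
INSIDE_NET = ipaddress.ip_network("10.1.1.0/24")

class OverlapNat:
    def __init__(self, inside_global_pool, outside_local_pool):
        self.inside = {}    # inside local  -> inside global
        self.outside = {}   # outside global -> outside local
        self._ig_pool = iter(inside_global_pool)
        self._ol_pool = iter(outside_local_pool)

    def dns_reply(self, answer):
        """Steps 2-3: rewrite a DNS answer that overlaps the inside network."""
        if ipaddress.ip_address(answer) not in INSIDE_NET:
            return answer                      # no overlap, reply passes unchanged
        if answer not in self.outside:         # create the simple translation entry
            self.outside[answer] = next(self._ol_pool)
        return self.outside[answer]

    def outbound(self, src, dst):
        """Step 4: inside -> outside, both source and destination are rewritten."""
        if src not in self.inside:
            self.inside[src] = next(self._ig_pool)
        by_local = {ol: og for og, ol in self.outside.items()}
        return self.inside[src], by_local.get(dst, dst)

    def inbound(self, src, dst):
        """Return traffic: destination back to inside local, source to outside local."""
        by_global = {ig: il for il, ig in self.inside.items()}
        if dst not in by_global:
            # No inside translation exists, so there is nothing to map the packet to.
            raise LookupError("no translation for " + dst)
        return self.outside.get(src, src), by_global[dst]

def walk_through():
    """Replay the page's example and return what each party sees."""
    nat = OverlapNat(["192.2.2.2"], ["193.3.3.3"])
    seen_by_host = nat.dns_reply("10.1.1.3")          # host learns 193.3.3.3
    on_wire = nat.outbound("10.1.1.1", seen_by_host)  # (src, dst) leaving the router
    back = nat.inbound("10.1.1.3", "192.2.2.2")       # (src, dst) delivered inside
    return seen_by_host, on_wire, back

if __name__ == "__main__":
    print(walk_through())
```

The model shows why the inside host never sees 10.1.1.3 as a remote address: every packet crossing the router has both fields rewritten from the two tables, and a packet that matches no inside entry cannot be delivered.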
