i have scenario. a host H1 connected to F0 of Router R1(edge router). R1 connected through s0 to external router for internet connectivity. PAT is configured on R1 for internet access. everything is working fine and host can access internet. Also when I ping the external router, i receive the reply.

For a echo request, the encapsulation will start at layer 3 at H1 and sent out of NIC. Frame is delivered to F0 of R1. then the packet is extracted. Since the destination is outside network, the packet is destined to switch out of S0. Now PAT is implemented. since pat uses port numbers to differentiate various sessions, the encapsulation at the S0 of router R1 should start at transport layer.

Kindly let me know if the above is correct or Am I going wrong somewhere. I asked few people including my trainer but they could not confirm the above said by me.

Mr Lammle, Kindly reply to my query if my understanding is correct. Thanks in advance.

Indra G

I understand what you are thinking it is good that you think "Transport layer" when you use the word(s) "port numbers".

However, what PAT does is look at incoming sessions from an inside host and look at the source port number. PAT does this and it has nothing to do with the Transport layer. Yes, the Transport layer generated the source port number, but the service that PAT provides uses this source port number generated and puts it in the translation table.

NAT/PAT does not generate any numbers on their own. It is just a very basic translation service.

Cheers!
Todd Lammle