Cisco交换机支持NAT的型号

NAT Feature Support on Catalyst Switches

This table provides information about NAT feature support in Catalyst switches:

Catalyst Platform

Minimum Software Release

Catalyst 6500/6000—CatOS1 with Cisco IOS® Software on MSFC2/MSFC2/MSFC3

All versions

Catalyst 6000—CatOS (MSM3)

No support

Catalyst 6500/6000—Cisco IOS System Software

All versions

Catalyst 5500/5000 (RSM) 4

Cisco IOS Software Releases 11.2(P),11.3(T), 12.0, 12.0T, 12.1, 12.1T

Catalyst 5500/5000 (RSFC5)

Cisco IOS Software Release 12.1

Catalyst 4500/4000—CatOS (WS-X4232-L3)

No support/no plans

Catalyst 4500/4000—Cisco IOS Software (Supervisor Engine II+/III/IV/V)

No support currently6

Catalyst 3750

No support

Catalyst 3560

No support

Catalyst 3550

No support

Catalyst 2970

Not applicable (no support for IP routing)

Catalyst 2950/2955

Not applicable (no support for IP routing)

Catalyst 2940

Not applicable (no support for IP routing)

Catalyst 2900XL/3500XL

Not applicable (no support for IP routing)

Catalyst 2948G-L3/4908G-L3

No support/no plans

Catalyst 1900

Not applicable (no support for IP routing)

Catalyst 8500

No support/no plans

• 1 CatOS = Catalyst OS

• 2 MSFC = Multilayer Switch Feature Card

• 3 MSM = Multilayer Switch Module

• 4 RSM = Remote Switch Module

• 5 RSFC = Router Switch Feature Card

• 6 Catalyst 4500/4000 series switches with Supervisor Engine III/IV support the Access Gateway Module (AGM) in Cisco IOS Software Release 12.1(13)EW or later. You need Cisco IOS Software Release 12.2.13T or later on the AGM module. NAT has support in the software switching path on the AGM module.

Additional Notes for the Catalyst 6500/6000

1. Software performs the NAT function on the Catalyst 6500/6000 with a Supervisor Engine 1/2 and MSFC/MSFC2. There is no support in the hardware path.

2. When you use the NAT router feature on a Catalyst 6500 with Supervisor Engine 1/2 and MSFC/MSFC2, packets that traverse the NAT outside interface can (in certain configurations) undergo software route instead of Layer 3 (L3) switch. The software route can occur regardless of whether the packets require translation. For packets that traverse the NAT outside interface, the redirection to MSFC for software route should occur for only those packets that require NAT. Cisco IOS Software only translates traffic that traverses from NAT inside interfaces to NAT outside interfaces. Create the access control list (ACL) for use with NAT to be more specific. Have the ACL limit the software-handled packets to only those packets that require NAT translation. For example, if you use a general ACL, such as permit ip any any, to specify the traffic that requires NAT, all traffic inbound or outbound on the NAT outside interface has a software route. Traffic that does not originate in the NAT inside interfaces or have the NAT inside interfaces as a destination also has the software route. If you use a more specific ACL, such as permit ip 192.168.1.0 0.0.0.255 any, only the NAT outside traffic that matches the ACL has a software route.

3. The NAT function is performed in hardware for unicast packets on Catalyst 6500 with a Supervisor Engine 720 and MSFC3 when you run Cisco IOS Software Release 12.2(14)SX or later.