First, we will set aside the effect of the “extendable” keyword. The purpose of the command “ip nat inside source static tcp 192.168.1.50 80 220.127.116.11 8080” is to translate packets on the inside interface with a source IP address of 192.168.1.50 and port 80 to the IP address 18.104.22.168 with port 8080. This also implies that any packet received on the outside interface with a destination address of 22.214.171.124:8080 has the destination translated to 192.168.1.50:80. Therefore answer C is correct.
Answer A is not correct because this command “allows host 192.168.1.50 to access external websites using TCP port 80”, not port 8080.
Answer B is not correct because it allows external clients to connect to a web server at 126.96.36.199. The IP addresses of clients should not be 188.8.131.52.
Answer D is not correct because the configuration is correct.
Now we will talk about the keyword “extendable”.
Usually, the “extendable” keyword should be added if the same Inside Local is mapped to different Inside Global Addresses (the IP address of an inside host as it appears to the outside network). An example of this case is when you have two connections to the Internet on two ISPs for redundancy. So you will need to map two Inside Global IP addresses into one inside local IP address. For example:
ip nat inside source static 192.168.1.1 184.108.40.206 extendable
ip nat inside source static 192.168.1.1 220.127.116.11 extendable
! Inside Local: 192.168.1.1 ; Inside Global: 18.104.22.168 & 22.214.171.124
In this case, the traffic from ISP1 and ISP2 to the Server is straightforward, as ISP1 will use 126.96.36.199 and ISP2 will use 188.8.131.52 to reach the Server. But what about the traffic from the Server to the ISPs? In other words, how does the NAT router know which IP (184.108.40.206 or 220.127.116.11) it should use to send traffic to ISP1 and ISP2 (this is called “ambiguous from the inside”)? We tested in GNS3 and it worked correctly! So we guess the NAT router compared the Inside Global addresses with all of the IP addresses of the “ip nat outside” interfaces and chose the most suitable one to forward traffic.
This is what Cisco explained about “extendable” keyword:
“They might also want to define static mappings for a particular host using each provider’s address space. The software does not allow two static translations with the same local address, though, because it is ambiguous from the inside. The router will accept these static translations and resolve the ambiguity by creating full translations (all addresses and ports) if the static translations are marked as “extendable”. For a new outside-to-inside flow, the appropriate static entry will act as a template for a full translation. For a new inside-to-outside flow, the dynamic route-map rules will be used to create a full translation”.
But it remains unclear: what will happen if we don’t use a route-map?
The command “ip nat inside source list 1 int s0/0 overload” translates all source addresses that pass access list 1, which means all the IP addresses, into an address assigned to the S0/0 interface. The overload keyword allows multiple IP addresses to be mapped to a single registered IP address (many-to-one) by using different ports.
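The behaviour in the Cisco quote above, as an added example that is not from the original page or from Cisco: a simplified Python model in which an inbound flow turns a static “extendable” entry into a full translation, so the reply leaves with the matching Inside Global, while a new inside-initiated flow with no selection rule stays ambiguous. The class name and every address except 192.168.1.1 are constructed assumptions.

```python
# Simplified model of the behaviour in the Cisco quote; not IOS source code.
# 192.168.1.1 is the page's Inside Local; every other address is constructed.
STATIC_EXTENDABLE = {            # Inside Global -> Inside Local (static templates)
    "198.51.100.10": "192.168.1.1",   # constructed ISP1 address
    "203.0.113.10": "192.168.1.1",    # constructed ISP2 address
}


class ExtendableNat:
    def __init__(self, static_entries):
        self.static = dict(static_entries)
        # Full translations keyed by (proto, local ip, local port, remote ip, remote port)
        self.full = {}

    def outside_to_inside(self, proto, src, sport, dst, dport):
        """Inbound packet: the static entry for dst is the template for a full entry."""
        local = self.static.get(dst)
        if local is None:
            return None                      # no mapping: not translated
        self.full[(proto, local, dport, src, sport)] = dst
        return (src, sport, local, dport)    # destination rewritten to Inside Local

    def inside_to_outside(self, proto, src, sport, dst, dport):
        """Outbound packet: reuse a full entry, else look for a single static match."""
        glob = self.full.get((proto, src, sport, dst, dport))
        if glob is None:
            candidates = sorted(g for g, loc in self.static.items() if loc == src)
            if len(candidates) != 1:
                # "Ambiguous from the inside": the model has no rule to pick one.
                raise LookupError(f"ambiguous inside globals for {src}: {candidates}")
            glob = candidates[0]
        return (glob, sport, dst, dport)     # source rewritten to Inside Global


def demo():
    nat = ExtendableNat(STATIC_EXTENDABLE)
    client = ("192.0.2.77", 40000)           # constructed outside client via ISP2
    inbound = nat.outside_to_inside("tcp", *client, "203.0.113.10", 80)
    reply = nat.inside_to_outside("tcp", "192.168.1.1", 80, *client)
    try:
        nat.inside_to_outside("tcp", "192.168.1.1", 50000, "192.0.2.99", 443)
        new_flow = "translated"
    except LookupError:
        new_flow = "ambiguous"
    return inbound, reply, new_flow


if __name__ == "__main__":
    print(demo())
```

In this model the reply to the ISP2 client is sourced from the ISP2 address because the full translation already exists; only the inside-initiated flow hits the ambiguity the question asks about.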
The command “ip nat inside source list 10 interface FastEthernet0/1 overload” configures NAT to overload on the address that is assigned to the Fa0/1 interface.