Nat Alg - Huawei quidway s7700 Configuration Manual
Smart routing switch
Hide thumbs
Also See for quidway s7700:
- Configuration manual (833 pages) ,
- Configuration manual - ethernet (648 pages) ,
- Configuration manual - multicast (551 pages)
Table of Contents
Advertisement
Quidway S7700 Smart Routing Switch
Configuration Guide - SPU
Easy IP
Easy IP takes the public IP address of the interface as the source address after NAT is performed.
In addition, it uses the Access Control List (ACL) to control the private addresses to be translated.
NAT ALG
If NAT is configured, application protocols that are exclusive with NAT cannot work normally.
Special processing is required. Packets of protocols that contain the IP address and/or port
number in the payload, which affects interaction of protocols.
The NAT ALG function is used for NAT traversal of special protocols. It implements transparent
transmission and relay of packets of a special protocol by replacing the IP address and port
number in the payload. Currently, the NAT ALG of the SPU supports the domain name system
(DNS), FTP, Real-Time Streaming Protocol (RTSP) and Session Initiation Protocol (SIP).
Twice NAT
The basic NAT technology translates only the source or destination address of packets, whereas
the twice NAT technology translates both the source and destination addresses of packets. The
twice NAT technology is applicable to the scenario where IP addresses of hosts on private and
public networks are overlapped. As shown in
network is the same as the IP address of PC3 on the public network. If PC2 on the private network
sends a packet to PC3, the packet will be incorrectly forwarded to PC1. On the SPU, the twice
NAT technology configures the mapping between the overlapped address pool and the temporary
address pool based on basic NAT. The overlapped IP address is translated to a unique temporary
address so that packets can be forwarded correctly.
Figure 3-3 Networking of twice NAT
You can configure twice NAT on the SPU as follows:
Configure basic NAT (many-to-many NAT). Configure an NAT address pool that contains IP
addresses 200.0.0.1 to 200.0.0.100 and apply it to the interface of the WAN.
Configure the mapping between a group of overlapped addresses and the temporary addresses:
10.0.0.0 to 3.0.0.0.
The mapping indicates that one overlapped address pool maps one temporary address pool. The
translation rule is as follows:
Issue 01 (2011-07-15)
PC 1
10.0.0.1/24
PC 2
10.0.0.1/24
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Figure
Switch
DNS Server
3 NAT Configuration
3-3, the IP address of PC1 on the private
PC 3
www.web.com
10.0.0.1/24
87
Advertisement
Table of Contents
