Nat With Alg; Nat Configuration Task List; Nat Configuration Restrictions And Guidelines - HPE FlexNetwork MSR Series Comware 7 Layer 3 - Ip Services Configuration Manuals
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (861 pages) ,
- Comware 5 security configuration manual (547 pages) ,
- Comware 5 layer 2 - wan access configuration manual (420 pages)
Table of Contents
Advertisement
5.
The internal host receives the DNS response, and obtains the private IP address of the Web
server.
DNS mapping can also be used by DNS ALG. The DNS reply from the external DNS server contains
only the domain name and public IP address of the internal server in the payload. The NAT interface
might have multiple internal servers configured with the same public IP address but different private
IP addresses. DNS ALG might find an incorrect internal server by using only the public IP address. If
a DNS mapping is configured, DNS ALG can obtain the public IP address, public port number, and
protocol type of the internal server by using the domain name. Then it can find the correct internal
server by using the public IP address, public port number, and protocol type of the internal server.
NAT with ALG
NAT with ALG translates address or port information in the application layer payloads to ensure
connection establishment.
For example, an FTP application includes a data connection and a control connection. The IP
address and port number for the data connection depend on the payload information of the control
connection. This requires NAT with ALG to translate the address and port information for data
connection establishment.
NAT configuration task list
Tasks at a glance
Perform one or more of the following tasks:
•
Configuring static NAT
•
Configuring dynamic NAT
•
Configuring NAT Server
•
Configuring NAT444
•
Configuring DS-Lite NAT444
(Optional.)
Configuring NAT with DNS mapping
(Optional.)
(Optional.)
(Optional.)
(Optional.)
messages for NAT failures
NAT configuration restrictions and guidelines
If fast forwarding load sharing is enabled, response packets sent or received on a different interface
than request packets are NATed according to fast forwarding entries. If fast forwarding load sharing
is disabled, these packets cannot be NATed. For more information about fast forwarding load sharing,
see "Configuring fast forwarding."
Configuring NAT hairpin
Configuring NAT with ALG
Configuring NAT logging
Enabling sending ICMP error
Remarks
If you perform all the tasks on an interface, the NAT rules
are sorted in the following order:
•
NAT Server.
•
Static NAT.
•
Static NAT444.
•
Dynamic NAT, dynamic NAT444, and DS-Lite
NAT444.
Dynamic NAT, dynamic NAT444, and DS-Lite
NAT444 have the same priority. Dynamic NAT rules
and dynamic NAT444 rules are sorted in descending
order of ACL numbers and are effective for IPv4
packets. DS-Lite NAT444 rules are effective for IPv6
packets.
N/A
N/A
N/A
N/A
N/A
141
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork MSR Series and is the answer not in the manual?