HPE FlexNetwork HSR6800 Configuration Manual page 129
Comware 7 layer 3, ip services
Hide thumbs
Also See for FlexNetwork HSR6800:
- Security command reference (538 pages) ,
- Configuration manual (482 pages) ,
- Command reference manual (153 pages)
Table of Contents
Advertisement
This value is the base number for mapping.
2.
Sorts the port blocks in ascending order of the start port number in each block.
3.
Sorts the private IP addresses and the public IP addresses separately in ascending order.
4.
Maps the first base number of private IP addresses to the first public IP address and its port
blocks in ascending order.
For example, the number of available port blocks of each public IP address is m. The first m private
IP addresses are mapped to the first public IP address and the m port blocks in ascending order. The
next m private IP addresses are mapped to the second IP address and the m port blocks in
ascending order. The other static NAT444 mappings are created by analogy.
Dynamic NAT444
Dynamic NAT444 works as follows:
1.
Creates a mapping from the internal host's private IP address to a public IP address and a port
block when the host initiates a connection to the public network.
2.
Translates the private IP address to the public IP address, and the source ports to ports in the
selected port block for subsequent connections from the private IP address.
3.
Withdraws the port block and deletes the dynamic NAT444 mapping when all connections from
the private IP address are disconnected.
Dynamic NAT444 uses ACLs to implement translation control. It processes only packets that match
an ACL permit rule.
Dynamic NAT444 supports port block extending. If the ports in the port block for a private address
are all occupied, dynamic NAT444 translates the source port to a port in an extended port block.
NAT444 gateway unified with BRAS device
NAT444 gateway and BRAS device unification is supported only for PPP users.
To unify the NAT444 gateway and BRAS device, specify the user address type in the ISP domain.
Supported user address types include private IPv4 address, private-DS address, and DS-Lite
address.
As shown in
unification:
1.
After a user of the specified address type passes authentication and obtains a private address,
NAT444 immediately assigns a public IP address and a port block to the user.
2.
NAT444 sends the NAT444 mapping to the BRAS.
3.
The BRAS records the mapping and reports it to the AAA server.
Compared to the separation of BRAS and NAT444, the unification provides the following functions:
•
If the NAT444 resources have been used up, the BRAS logs off the user, which ensures
accurate accounting on the AAA server.
•
The AAA server maintains one mapping for each online user until the user goes offline. This
solution implements user tracing without requiring an extra log server.
Figure 54 NAT444 gateway unified with BRAS device
Figure
54, the NAT444 gateway and BRAS device function as follows after the
116
Advertisement
Table of Contents
Troubleshooting
