Nat Configurations; Traditional Nat; Basic Nat; Napt - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - IP SERVICES CONFIGURATION GUIDE 2010-10-01 Configuration Manual

Software for E Series Broadband Services Routers: IP Services Configuration Guide

NAT Configurations

Traditional NAT

Copyright © 2010, Juniper Networks, Inc.
RFC 3022 - Traditional IP Network Address Translator (Traditional NAT) (January 2001)
RFC 3027 - Protocol Complications with the IP Network Address Translator (January 2001)
You can configure NAT in several different ways. Each of the following configuration
methods provides a solution for different configuration requirements:
Traditional NAT
Bidirectional NAT
Twice NAT
Traditional NAT is the most common method of using address translation. Its primary
use is translating private addresses to legal addresses for use in an external network.
When configured for dynamic operation, hosts within a private network can initiate access
to the external (public) network, but external nodes on the outside network cannot initiate
access to the private network.
Addresses on the private network and public network must not overlap. Also, route
destination advertisements on the public network (for example, the Internet) can appear
within the inside network, but the NAT router does not propagate advertisements of local
routes that reference private addresses out to the public network.
There are two types of traditional NAT—basic NAT and NAPT.

Basic NAT

Basic NAT provides translation for IP addresses only (called a simple translation) and
places the mapping into a NAT table. In other words, for packets outbound from the
private network, the NAT router translates the source IP address and related fields (for
example, IP, TCP, UDP, and ICMP header checksums). For inbound packets, the NAT
router translates the destination IP address (and related checksums) for entries that it
finds in its translation table.
CAUTION: Although basic NAT is the simplest translation method, it is the least
secure. By not including port or external host information in the translation,
basic NAT allows access to any port of the private host by any external host.
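
The CAUTION above as a toy model (an added example, not JunosE code or Juniper's implementation): `BasicNat` keeps address-only entries, while `PortAwareNat` is an assumed stricter table whose entries also record the port and the external host. All class names, ports, and addresses are constructed for illustration.

```python
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class BasicNat:
    """Simple translation: the table holds address pairs only."""
    def __init__(self, inside_ip: str, global_ip: str):
        self.fwd = {inside_ip: global_ip}
        self.back = {global_ip: inside_ip}

    def outbound(self, p: Packet) -> Optional[Packet]:
        g = self.fwd.get(p.src_ip)
        return p._replace(src_ip=g) if g else None

    def inbound(self, p: Packet) -> Optional[Packet]:
        # Lookup uses the destination address alone: any source, any port matches.
        local = self.back.get(p.dst_ip)
        return p._replace(dst_ip=local) if local else None

class PortAwareNat:
    """Assumed stricter model: each entry also records port and external host."""
    def __init__(self, global_ip: str, first_port: int = 40000):
        self.global_ip, self.next_port = global_ip, first_port
        self.fwd = {}   # outbound flow -> allocated global port
        self.back = {}  # (global_port, ext_ip, ext_port) -> (inside_ip, inside_port)

    def outbound(self, p: Packet) -> Packet:
        if p not in self.fwd:  # allocate one global port per flow
            self.fwd[p] = self.next_port
            self.back[(self.next_port, p.dst_ip, p.dst_port)] = (p.src_ip, p.src_port)
            self.next_port += 1
        return p._replace(src_ip=self.global_ip, src_port=self.fwd[p])

    def inbound(self, p: Packet) -> Optional[Packet]:
        hit = self.back.get((p.dst_port, p.src_ip, p.src_port))
        if p.dst_ip != self.global_ip or hit is None:
            return None  # no entry for this port and external host: drop
        return p._replace(dst_ip=hit[0], dst_port=hit[1])

# Constructed sample traffic (documentation address ranges).
OUT = Packet("10.0.0.5", 51000, "198.51.100.7", 443)              # inside host opens a session
UNSOLICITED = Packet("198.51.100.99", 40111, "203.0.113.10", 22)  # unrelated external host
```

With the same inside host and global address, `BasicNat.inbound(UNSOLICITED)` forwards the packet to port 22 of 10.0.0.5, while `PortAwareNat.inbound(UNSOLICITED)` returns `None` because no entry matches that port and source.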

NAPT

Network Address Port Translation (NAPT) extends the level of translation beyond that
of basic NAT; it modifies both the IP address and the transport identifier (for example,
the TCP or UDP port number, or the ICMP query identifier) and places the mapping into
the translation table (this entry is called an extended translation). This method can
translate the addresses and transport identifiers of many private hosts into a few external
Chapter 2: Configuring NAT