Nat Features; Nat And Nat Control - H3C S7500 Series Operation Manual
Hide thumbs
Also See for S7500 Series:
- Installation manual (79 pages) ,
- Operation manual (47 pages) ,
- Command manual (39 pages)
Table of Contents
Advertisement
Operation Manual – NAT, Netstream, Policy Routing
H3C S7500 Series Ethernet Switches
1.2 NAT Features
1.2.1 NAT and NAT Control
According to the NAT procedure illustrated in
access an external network, NAT selects a proper public address and substitutes it for
the source address in the packets from the internal host. In
of the outbound interface on the NAT server is selected. In this case, only one internal
host is allowed to access external network at a time because the NAT can provide only
one public address. This cannot meet the needs of multiple internal hosts to access
external networks concurrently.
To satisfy the concurrent Internet requests from internal hosts, you can have the NAT
server owns multiple public IP addresses that can be assigned to internal hosts. When
the first internal host tries to access external network, the NAT process selects a public
address for it and adds a mapping record in the NAT table; when the second internal
host tries to access external network, the NAT process selects another public address,
and so on.
Note:
Since there is little probability that all internal hosts would access external networks at
the same time, the public addresses on the NAT server can be much fewer than the
internal hosts. You can determine the number of public IP addresses that are needed
depending on the statistical number of internal hosts that may access external network
at traffic peak.
You can define an address pool for your NAT server to satisfy concurrent Internet
requests. In addition, you can use access control list (ACL) to control the NAT:
1)
An address pool is a collection of public IP addresses for NAT. You should
configure it depending on the number of available public IP addresses, the number
of internal hosts, and the practical application. During address translation, the NAT
process selects an address from the address pool to substitute the source
address.
2)
In practice, you may want to allow some internal hosts to access the Internet and
inhibit other hosts. You can use an ACL to control the NAT process to allow only
some specific hosts to access the Internet. With an ACL, when the NAT process
checks the header of a packet, it determines whether the source IP address is
allowed to access the Internet, and will not translate the address if it is not allowed.
Figure
1-1, when an internal host tries to
1-3
Chapter 1 NAT Configuration
Figure
1-1, the IP address
Advertisement
Chapters
Table of Contents
Troubleshooting
