117
1.
Upon receiving a request from a user in an MPLS VPN to an external network, NAT translates the
private source IP address and port number to a NAT IP address and port number, and records the
MPLS VPN information, such as the VPN name.
2.
When a response packet arrives, NAT translates the destination IP address and port number to the
private IP address and port number, and forwards the packet to the target MPLS VPN.
The NAT Server feature supports NAT with MPLS VPN for external users to access the servers in an MPLS
VPN. For example, to enable a host at 10.110.1.1 in MPLS VPN 1 to provide Web services for Internet
users, configure NAT Server to use 202.110.10.20 as the public IP address of the Web server.
NAT with DNS mapping
NAT with DNS mapping allows an internal host to access an internal server on the same private network
by using the domain name of the internal server when the DNS server is on the public network.
NAT with DNS mapping must operate with the NAT Server feature. NAT with DNS mapping maps the
domain name of the internal server to the public IP address, public port number, and protocol type of the
server. NAT Server maps the public IP and port to the private IP and port of the internal server.
shows the application scenario for NAT with DNS mapping.
Figure 51
NAT with DNS mapping
Configure NAT with DNS mapping to record the mapping of the domain name, public address, public
port number, and protocol type of the Web server. Configure NAT Server to map the public address to
the private address of the Web server.
1.
When a DNS reply arrives on the NAT device, NAT performs a NAT with DNS mapping lookup
by using the domain name.
2.
If a match is found, the NAT continues to match the public address, public port number, and the
protocol type against the NAT Server configuration.
3.
If a match is found, NAT translates the public IP address in the reply into the private IP address of
the Web server.
4.
The internal host can access the internal server.
NAT with ALG
Use NAT with ALG to translate the payload information to ensure the establishment of data connections.
Summary of Contents for MSR 2600 Series
Page 6: ...We appreciate your comments...
Page 33: ...18 AC vlan1 quit...
Page 118: ...103...