11-4 Administration Guide
Exterior addresses are allocated to internal hosts on a demand, or as-needed, basis and then made available
when traffic from that host ceases. Once an internal host has been allocated an address, it will use that
address for all traffic. Five minutes after all traffic ceases – no pings, all TCP connections closed, no DNS
requests, etc. – the address is put at the head of an available list. If an interior host needs an exterior address
an hour later, and the previously used address is still available, it will acquire the same address. If an interior
host that has not previously been allocated an exterior address needs one, it will be allocated the last, hence
the oldest, exterior address on the available list.
All NAT configurations are rule-based. This means that traffic passed through NAT from either the public or the
private network is compared to the rules and mappings configured in the Netopia Router in a particular order.
The first rule that applies to the traffic being initiated is used.
For example, if a connection is initiated from the public network and is destined for a public IP address
configured on the Netopia Router, the following comparisons are made in this order.
1. The Netopia Router first checks its internal NAT cache to see if the data is part of a previously initiated
connection, if not…
2. The Netopia Router checks the configured server lists to see if this traffic is intended to be forwarded to an
internal host based on the type of service.
3. The Netopia Router then checks to see if there is a static, dynamic, or PAT mapping for the public IP
address that the connection is being initiated to.
4. The Netopia Router answers the request itself if the data is destined for the Netopia’s WAN interface IP
address. Otherwise the data is discarded.
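The lookup order above, modelled as an added example (not Netopia firmware and not code from this guide), so an administrator can see which rule an inbound connection would hit and which internal host it reaches. Assumptions: the server list is keyed by destination port, the mapping table holds only public addresses currently bound to an internal host, and all names and addresses are constructed sample data.

```python
from dataclasses import dataclass, field

@dataclass
class NatState:
    wan_ip: str                                      # router's own WAN interface address
    cache: dict = field(default_factory=dict)        # (src, sport, dst, dport) -> internal host
    server_list: dict = field(default_factory=dict)  # dport -> internal host (assumed keying)
    mappings: dict = field(default_factory=dict)     # public IP -> internal host currently bound

def classify_inbound(state, src, sport, dst, dport):
    """Return (rule, target) for a connection initiated from the public side."""
    flow = (src, sport, dst, dport)
    if flow in state.cache:                  # 1. part of a previously initiated connection
        return ("nat-cache", state.cache[flow])
    if dport in state.server_list:           # 2. server list, by type of service
        return ("server-list", state.server_list[dport])
    if dst in state.mappings:                # 3. static, dynamic, or PAT mapping
        return ("map", state.mappings[dst])
    if dst == state.wan_ip:                  # 4. router answers for its WAN address
        return ("router", state.wan_ip)
    return ("discard", None)                 # otherwise the data is discarded

def sample_state():
    """Constructed sample data; not a real router configuration."""
    return NatState(
        wan_ip="206.1.1.6",
        cache={("198.51.100.7", 443, "206.1.1.3", 50123): "192.168.1.10"},
        server_list={25: "192.168.1.254"},
        mappings={"206.1.1.1": "192.168.1.253", "206.1.1.3": "192.168.1.10"},
    )

def audit(state, probes):
    """List which rule each probe hits, so exposed internal hosts are visible."""
    return [(p, *classify_inbound(state, *p)) for p in probes]

if __name__ == "__main__":
    probes = [
        ("198.51.100.7", 443, "206.1.1.3", 50123),  # reply on an existing flow
        ("203.0.113.9", 40000, "206.1.1.1", 25),    # server list wins over the map
        ("203.0.113.9", 40000, "206.1.1.1", 80),    # falls through to the mapping
        ("203.0.113.9", 40000, "206.1.1.6", 23),    # router's own WAN address
        ("203.0.113.9", 40000, "206.1.1.5", 80),    # nothing applies: discarded
    ]
    for row in audit(sample_state(), probes):
        print(row)
```
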
Complex maps
Map lists and server lists are completely independent of each other. A Connection Profile can use one or the
other or both.
MultiNAT allows complex mapping and requires more complex configuration than in earlier firmware versions.
Multiple mapped interior subnets are supported, and the rules for mapping each of the subnets may be
different. The figure below illustrates a possible multiNAT configuration.
[Figure: example multiNAT configuration, with columns Private Addresses, IP Host, Public Addresses and NAT Type; hosts shown are a Web/FTP Server, an Email Server and LAN Users, with NAT types 1:1 Static, 1:1 Dynamic and 1:Many PAT.]
Summary of Contents for 4752
Page 1: ...Netopia 4752 SDSL Integrated Access Device Administration Guide ...