interface and each ATM VCC interface. Optionally, the bridging between the VCCs can be disabled.
4.4Network Address Port Translation
MW1122 supports Network Address Port Translation (NAPT) for TCP/IP, UDP/IP and ICMP/IP protocols. When NAPT is used, a single IP address is allocated to a VCC which leads to the public IP network. The Ethernet subnet has private IP addressing and is not visible to the VCC. NAPT translates the IP source address and source port number dynamically to the VCC IP address and port number. Similarly, packets coming from the VCC are mapped back to the original destination addresses. NAPT allows up to hundreds of hosts to share a single VCC IP address to the public network. The principle of Network Address Port Translation is presented in Figure 19.
Home network (LAN) |
|
|
| Internet (WAN) |
src:192.168.1.112:1228 | 192.168.1.254 |
| 195.112.12.161 | src:195.112.12.161:50001 |
dst:194.112.11.111:80 | NAPT router | dst:194.112.11.111:80 | ||
|
| |||
src:194.112.11.111:80 |
| src:194.112.11.111:80 | ||
dst:192.168.1.112:1228 |
| dst:195.112.12.161:50001 | ||
|
|
|
Figure 19 Principle of Network Address Port Translation
NAPT may restrict the operation of some IP applications. NAPT also operates as a simple IP firewall because translation is only allowed when the first packet is transmitted from the LAN. This means that the NAPT table entry is created only when a packet is sent from the home network to the Internet. With server support capability, the user can add static entries to the NAPT table allowing the translation always in both directions. This capability is used to add servers (HTTP, NNTP, and FTP), which are visible to the public IP network via the VCC, on the LAN subnet.
NAPT supports most
C33902002SE_00 | E Copyright Nokia Networks Oy | 27 |