Netopia R7200 Appendix C Understanding Netopia NAT Behavior, Network conﬁguration, Background

Page 221

Understanding Netopia NAT Behavior C-1

Appendix C

Understanding Netopia NAT Behavior

The Netopia R7200 implements a powerful feature called Network Address Translation (NAT) as speciﬁed in RFC 1631. NAT is used for IP address conservation and for security purposes since there will only be a single IP “presence” on the WAN. This appendix describes the NAT functionality within the Netopia R7200 and provides examples for setup and use.

Network conﬁguration

Below is a diagram of the network referenced in this appendix.

ISP Network

IP: 200.1.1.1

Mask: 255.255.255.0

Router

Internet

WWWServer

IP: 163.176.4.32

Mask: 255.255.255.0

MAC: 00-05-02-0c-1b-41

	Customer Site
Netopia Router	Netopia Router
WAN IP: 200.1.1.40	LAN IP: 192.168.5.1
Mask: 255.255.255.0	Mask: 255.255.255.240
MAC: 00-00-c5-60-21-0a	MAC: 00-00-c5-60-21-0a
	Netopia

Workstation A

IP: 192.168.5.2

Mask: 255.255.255.240

MAC: 00-05-02-04-12-4f

Workstation B

IP: 192.168.5.3

Mask: 255.255.255.240

MAC: 00-05-02-00-1e-03

LAN

Background

NAT is a mechanism employed within the Netopia R7200 to acquire a statically or dynamically assigned IP address on its WAN interface and proxy against locally assigned IP addresses on its LAN interface. The Netopia R7200 uses a one-to-many IP address mapping scheme; that is against a single IP address the Netopia R7200 acquires on its WAN interface, the Netopia R7200 can proxy 14, 30, or an unlimited number of IP hosts on the LAN interface.

In order to fully understand how NAT works, you must understand how a PPP connection is established and IP addresses are negotiated.

Image 221

Contents Netopia R7200 Sdsl Router Part Number Contents Part II Advanced Configuration Contents Aurp Snmp Xmodem Part III Appendixes User’s Reference Guide Part I Getting Started User’s Reference Guide Overview Features and capabilitiesChapter Introduction How to use this guide Finding an Internet service provider Chapter Setting Up Internet ServicesUnique requirements Setting up a Netopia R7200 account Obtaining an IP addressPricing and support Endorsements Deciding on an ISP accountLocal LAN IP address information to obtain Obtaining information from the ISPWith Network Address Translation Without Network Address TranslationUser’s Reference Guide Find a location Chapter Making the Physical ConnectionsWhat you need Identify the connectors and attach the cablesYour router on Netopia R7200 Sdsl Router back panel portsNetopia R7200 LED front panel Netopia R7200 Sdsl Router status lightsReadying computers on your local network Chapter Connecting to Your Local Area NetworkUser’s Reference Guide Connecting to an Ethernet network 10Base-T Adding an external modem Connecting to a LocalTalk network Chapter Setting up your Router with the SmartStart Wizard Before running SmartStart SmartStart Wizard conﬁguration screens Setting up your Router with the SmartStart WizardEasy option Advanced setupAdvanced option Conﬁguration screen on Conﬁguration tab Dynamic conﬁguration recommendedStatic conﬁguration optional Add. Repeat this process for the secondary DNS TCP/IP Conﬁguring TCP/IP on Macintosh computersTCP/IP or MacTCP Dynamic conﬁguration using MacIP optional Setting up your Router with the SmartStart Wizard User’s Reference Guide Chapter Console-Based Management Connecting through a Telnet session Conﬁguring Telnet software Connecting a console cable to your routerPC ANSI-BBS Navigating through the console screensAccessing the Easy Setup console screens Chapter Easy SetupEasy Setup console screens See Appendix A, Troubleshooting, for more suggestions Quick Easy Setup connection path Main Menu appears Sdsl Line ConﬁgurationPrevious Screen Next Screen Easy Setup ProﬁleIP Easy Setup Easy Setup Security Conﬁguration Previous Screen To Main Menu Part II Advanced Configuration User’s Reference Guide WAN conﬁguration Chapter WAN and System ConfigurationATM VPI ATM VCI Creating a new Connection Proﬁle IPX Profile Parameters Remote IPX Network Datalink PPP/MP Options Data Compression Default proﬁle Main Menu Default Proﬁle screen appears IP parameters default proﬁle screen System conﬁguration screens IPX parameters default proﬁle screenNavigating through the system conﬁguration screens System conﬁguration features Filter sets ﬁrewalls Network protocols setupIP address serving Date and timeConsole conﬁguration Snmp Simple Network Management Protocol Upgrade feature setSecurity LoggingInstalling the Syslog client User’s Reference Guide Chapter Line Backup Backup Conﬁguration screen appears Atdt Backup Conﬁguration screenIP Setup screen Connection Proﬁles Using Scheduled Connections with BackupScheduled Connections screen appears Management/Statistics Force Recovery Snmp Support QuickViewEvent Logs User’s Reference Guide Network Address Translation features Chapter IP Setup and Network Address TranslationHOW NAT Works Previous Screen Using Network Address TranslationV2 multicast Numbered Sdsl WAN1 Associating port numbers with nodesAdvanced IP/IPX router conﬁguration options Data Link Options IP Setup and Network Address Translation Network Address Translation guidelines IP setup User’s Reference Guide Select Add Export. The Add Exported Service screen appears Select Service. a pop-up menu of services and ports appears IP subnets User’s Reference Guide Static routes Viewing static routes Static Routes screen will appearAdding a static route Deleting a static route Rules of static route installationModifying a static route Main Menu System Configuration IP Address Serving 176.163.222.10 Dhcp NetBios Options Serve Bootp Clients IP Address Pools IP Setup and Network Address Translation Dhcp NetBIOS Options NetBios Type MacIP KIP forwarding setup You have ﬁnished your IP setup User’s Reference Guide IPX features Chapter IPX SetupIPX deﬁnitions Internetwork Packet Exchange IPXIPX address Service Advertising Protocol SAPSocket Routing Information Protocol RIPIPX spooﬁng NetBIOSIPX setup screen Default Gateway Address IPX routing tables User’s Reference Guide AppleTalk protocol Chapter AppleTalk SetupAppleTalk networks AT Routing Table Routers and seeding MacIPInstalling AppleTalk Upgrade Feature Set Conﬁguring AppleTalk EtherTalk setupLocalTalk setup Aurp Free Trade Zone Aurp setupViewing Aurp partners Modifying an Aurp partner Adding an Aurp partnerConﬁguring Aurp Options Deleting an Aurp partnerReceiving Aurp connections Aurp Options Tickle Interval Hhmmss User’s Reference Guide Quick View status overview Chapter Monitoring ToolsGeneral status Status lights Current statusGeneral Statistics Statistics & LogsNetwork Interface Event historiesPhysical Interface WAN Event History Device Event History Routing tablesIP routing table AppleTalk routing table IPX routing tableIPX Sap Bindery table Served IP Addresses IP Address Lease Management screen appears Snmp System InformationCommunity strings Snmp Setup screenSnmp traps Viewing IP trap receivers Setting the IP trap receiversModifying IP trap receivers Deleting IP trap receiversWeb-based management pages Event History pages WAN Event History Device Event History User’s Reference Guide User accounts Chapter SecuritySuggested security measures Protecting the conﬁguration screens Protecting the Security Options screenDial-in console access Telnet access Enable SmartStart/SmartView/Web serverAbout ﬁlters and ﬁlter sets What’s a ﬁlter and what’s a ﬁlter set?Filter priority How ﬁlter sets workHow individual ﬁlters work Port numbers ﬁltering ruleParts of a ﬁlter Other ﬁlter attributes Port number comparisonsUDP Putting the parts togetherFiltering example #2 Filtering example #1Disadvantages of ﬁlters Design guidelinesWorking with IP ﬁlters and ﬁlter sets An approach to using ﬁltersNaming a new ﬁlter set Adding a ﬁlter setAdding ﬁlters to a ﬁlter set Input and output ﬁlters-source and destinationADD this Filter NOW Cancel Viewing ﬁlters Viewing ﬁlter setsModifying ﬁlters Deleting ﬁltersSample IP ﬁlter set Modifying ﬁlter setsDeleting a ﬁlter set TCP Icmp UDP Possible modiﬁcations User’s Reference Guide IPX ﬁlters Adding a packet ﬁlter IPX packet ﬁltersViewing and modifying packet ﬁlters Deleting a packet ﬁlter IPX packet ﬁlter setsViewing and modifying packet ﬁlter sets Adding a packet ﬁlter setNo Match Viewing and modifying SAP ﬁlters IPX SAP ﬁltersDeleting a packet ﬁlter set Deleting a SAP ﬁlter Adding a SAP ﬁlterAdding a SAP ﬁlter set IPX SAP ﬁlter setsViewing and modifying SAP ﬁlter sets Deleting a SAP ﬁlter set Basic protocol types Firewall tutorial General ﬁrewall termsBasic IP packet components Firewall Logic Firewall design rulesExample TCP/UDP Ports Logical and function Binary representationExample IP ﬁlter set screen Implied rulesEstablished connections Example network Filter basicsExample Example ﬁltersExample Example Chapter Utilities and Diagnostics Ping Receive return Ping packet Stop Ping Trace RouteTelnet client Disconnect Telnet console session Factory defaultsUpdating ﬁrmware Transferring conﬁguration and ﬁrmware ﬁles with TftpDownloading conﬁguration ﬁles Transferring conﬁguration and ﬁrmware ﬁles with Xmodem Uploading conﬁguration ﬁlesIdle Do you want to send a saved configuration to your Netopia? Restarting the system Part III Appendixes User’s Reference Guide Conﬁguration problems Appendix a TroubleshootingNetwork problems Console connection problemsPower outages How to reset the router to factory defaultsTechnical support How to reach usBefore contacting Netopia Environment proﬁleFAX-Back Online product informationUser’s Reference Guide About IP addressing What is IP?Appendix B Understanding IP Addressing Subnets and subnet masks Subnet masks Example Using subnets on a Class C IP internetISP Network Network conﬁgurationBackground Example Working with a Class C subnetDistributing IP addresses Technical note on subnet masking Dhcp address serving Netopia R7200 Dhcp server characteristicsConﬁguration Manually distributing IP addresses Using address servingMacIP serving Serve dynamic WAN clientsUnderstanding IP Addressing B-9 Tips and rules for distributing IP addressesDhcp example Internet Nested IP subnets0.0 C.1 WAN 3719 Packet header types BroadcastsUser’s Reference Guide Background Appendix C Understanding Netopia NAT BehaviorNetwork conﬁguration User’s Reference Guide Understanding Netopia NAT Behavior C-3 Netopia Router WWW Server ISP Router LAN Understanding Netopia NAT Behavior C-5 Exported servicesImportant notes Understanding Netopia NAT Behavior C-7 Summary Appendix D Binary Conversion Table Decimal Binary Appendix E Further Reading User’s Reference Guide Further Reading E-3 User’s Reference Guide Pinouts for Auxiliary port modem cable Appendix F Technical Specifications and Safety InformationEnvironment Power requirementsDescription Software and protocols Regulatory notices Agency approvalsNorth America InternationalDeclaration for Canadian users Important safety instructionsBattery Telecommunication installation cautionsAppendix G About Sdsl User’s Reference Guide Glossary User’s Reference Guide Glossary User’s Reference Guide Remapping See network number remapping User’s Reference Guide Glossary User’s Reference Guide Numerics IndexIndex-2 Index-3 Index-4 Index-5 Index-6 Limited Warranty and Limitation of Remedies User’s Reference Guide