9-24 MAX 6000/3000 Network Configuration Guide
Configuring IP Routing
Configuring system-level routing policies
The translations between the local network and the Internet or remote network are dynamic
and do not need to be preconfigured.
Incoming connection address translation
For incoming calls, the MAX can perform NAT for multiple hosts on the local network by
using its own IP address. The MAX routes incoming packets for up to 10 different TCP or
UDP ports to specific servers on the local network. Translations between the local network and
the Internet or remote network are static and need to be preconfigured. You need to define a list
of local servers and the UDP and TCP ports each should handle. You can also define a local
default server that handles UDP and TCP ports not listed.
For example, you can configure the MAX to route all incoming packets for TCP port 80 (the
standard port for HTTP) to port 80 of a World Wide Web server on the local network. The port
you route to does not have to be the same as the port specified in the incoming packets. For
example, you can route all packets for TCP port 119, the well-known port for Network News
Transfer Protocol, to port 1119 on a Usenet News server on the local network. You can also
specify a default server that receives any packets that are not sent to one of the routed ports. If
you do not specify any routed ports but do specify a default server, the default server receives
all packets sent to the MAX from the remote network.
When you configure the MAX to route incoming packets for a particular TCP or UDP port to a
specific server on the local network, multiple hosts on the remote network can connect to the
server at the same time. The number of connections is limited by the size of the translation
table.
Note: NAT automatically turns RIP off, so the address of the MAX is not propagated to the
Internet or remote networks.
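The following Python model of the incoming translation decision is an added example, not taken from the guide and not the MAX's own configuration syntax. It uses constructed local addresses and assumes that the default server receives packets on their original port and that an unmatched packet is not delivered when no default server is defined.

```python
from dataclasses import dataclass
from typing import Optional

MAX_ROUTED_PORTS = 10  # limit stated in the guide

@dataclass(frozen=True)
class Target:
    server: str  # address of the server on the local network
    port: int    # port the packet is delivered to on that server

class IncomingNat:
    """Static incoming translation: (protocol, port on the MAX) -> local server."""

    def __init__(self, default_server: Optional[str] = None):
        self.routes = {}
        self.default_server = default_server

    def add_route(self, proto, public_port, server, local_port=None):
        key = (proto.lower(), public_port)
        if key[0] not in ("tcp", "udp"):
            raise ValueError("only TCP and UDP ports can be routed")
        if key not in self.routes and len(self.routes) >= MAX_ROUTED_PORTS:
            raise ValueError("no more than 10 routed ports")
        # The local port may differ from the port in the incoming packet.
        self.routes[key] = Target(server, local_port or public_port)

    def translate(self, proto, dst_port):
        hit = self.routes.get((proto.lower(), dst_port))
        if hit is not None:
            return hit
        if self.default_server is not None:
            # Assumption: the default server receives the packet on the same port.
            return Target(self.default_server, dst_port)
        return None  # Assumption: no match and no default server, no delivery.

    def audit(self):
        """List what the remote network can reach, for review before deployment."""
        lines = [f"{p}/{port} -> {t.server}:{t.port}"
                 for (p, port), t in sorted(self.routes.items())]
        if self.default_server is not None:
            lines.append(f"all other tcp/udp ports -> {self.default_server}")
        return lines

# Constructed sample configuration (addresses are illustrative).
nat = IncomingNat(default_server="192.168.1.50")
nat.add_route("tcp", 80, "192.168.1.10")         # HTTP, same port
nat.add_route("tcp", 119, "192.168.1.20", 1119)  # NNTP remapped to 1119
```

The last line of `audit()` is the one to review: a default server is reachable from the remote network on every port that is not explicitly routed elsewhere.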
Translation-table size
NAT has an internal translation table limited to 500 active addresses. A translation-table entry
represents one TCP or UDP connection.
Note: A single application can generate many TCP and UDP connections.
A translation table entry is reused as long as traffic includes packets that match the entry. All
the entries for a connection are freed (expire) when the connection disconnects. For Nailed
connections, the connection is designed not to disconnect.
The MAX removes entries from the translation table on the basis of the following timeouts:
Non-DNS UDP translations time out after 5 minutes.
DNS translations time out after 1 minute.
TCP translations time out after 24 hours.
Multiple-address NAT
When translating addresses for more than one host on the local network, the MAX can perform
multiple-address NAT by borrowing an official IP address for each host from a DHCP server
on the remote network or accessible from the remote network.