Network Address Translation NAT, Basic NAT | Paradyne Routers

Configuring the DSL Router

Network Address Translation (NAT)

Network Address Translation is used when a private network's internal IP addresses cannot be used outside the private network. The IP addresses may be restricted for privacy reasons or they may not be valid public IP addresses.

The DSL router provides NAT as described in RFC 1631 The IP Network Address Translator (NAT). NAT allows the private (local) hosts to transparently access public (global) external IP addresses.

Two variations of traditional NAT are supported:

HBasic NAT

HNetwork Address Port Translation (NAPT)

NOTE:

Basic NAT and NAPT cannot be enabled at the same time.

Basic NAT

Basic NAT allows hosts in a private network to transparently access the external network by using a block of public addresses. Static mapping enables access to selected local hosts from the outside. Basic NAT is often used in a large organization with a large network setup for internal use and the need for occasional external access.

Basic NAT provides a one-to-one mapping by translating a range of assigned public IP addresses to a similar-sized pool of private addresses (typically from the 10.x.x.x address space). Each local host currently communicating with a external host appears to have an unique IP address. Up to 256 IP addresses can be allocated for use with Basic NAT.

Network Address Port Translation (NAPT)

NAPT allows multiple clients in a local network to simultaneously access remote networks using a single IP address. This benefits telecommuters and SOHO (Small Office/Home Office) users that have multiple clients in an office running TCP/UDP applications. NAPT is sometimes referred to as PAT (Port Address Translation).

NAPT provides a many-to-one mapping and uses one public address to interface numerous private users to an external network. All hosts on the global side view all hosts on the local side as one Internet host. The local hosts continue to use their corporate or private addresses. When the hosts are communicating with each other, the translation is based on the IP address and the IP port numbers used by TCP/IP applications.

3-6

August 2000

6371-A2-GB20-10

Image 26

Paradyne Routers manual Network Address Translation NAT, Basic NAT, Network Address Port Translation Napt

Contents

HOTWIRE DSL Routers Copyright E 2000 Paradyne Corporation All rights reserved Contents Configuring the DSL Router Monitoring the DSL Router Index About This Guide Document Purpose and Intended Audience Document Summary Section Description Product-Related Documents Document Number Document Title Document Conventions Syntax Translation DSL Technologies Supported Introduction to Hotwire DSL RoutersWhat is a Hotwire DSL Router? Optional Network Access Provider NAPTypical DSL Router System Hotwire DSL Router Features IP routing with Service Subscriber Levels of Access Accessing the DSL RouterAccess Control to the DSL Router Admin enable Changing Access Session LevelsLocal Console Access Show console Invalid Characters Value Ascii Hex Translation Setting Up the New Users LoginCUSTOMER#. Type configure terminal and press Enter Determining the Available Commands Telnet AccessDetermining the Current Access Level Local console disabled by conflict Changing the System Identity Using the List CommandExiting from the System Automatically Logging Out If you are accessing the DSL router ThenManually Logging Out Interfaces for the DSL Router Configuring the DSL RouterOverview of DSL Router Configuration Service Domain IP Address Assignments Ethernet and DSL Interface Identifiers Simplified Network Topology Numbered DSL InterfaceUnnumbered DSL Interface IP Routing Network Considerations Address Resolution Protocol ARP Proxy ARP Network Address Port Translation Napt Network Address Translation NATBasic NAT Applications Supported by NAT Dynamic Host Configuration Protocol Dhcp ServerIP Options Processing Dhcp Relay Agent Land Bug/Smurf Attack Prevention SecurityIP Filtering Routed Network Model Standard mode Routed vs. Bridged PDUs DSL Router Configuration Examples Configuration Examples Basic Configuration Example Customer Premises CP Basic NAT Configuration Example NAT Mapping Public IP Addresses Private IP Addresses Napt Configuration Example Napt Mapping Public IP Addresses Private IP Addresses Core Router 155.1.3.253 Console Port Connection Dhcp Relay with Proxy ARP Configuration Example Dhcp Server with Basic NAT Configuration Example Public IP Addresses for Basic NAT Private IP Addresses Downstream Router Configuration Example What to Monitor Detecting ProblemsMonitoring the DSL Router Show interface eth1 dsl1 Status of InterfacesShow interface ± Ethernet Link up down Show statistics eth1 dsl1 ip Interface StatisticsShow statistics Clear statistics eth1 dsl1 ip Clearing StatisticsList of Discard Reasons Discard Reasons for the Ethernet Interface eth1 1 Discard Reasons for the Ethernet Interface eth1 2 Discard Reasons for the DSL Interface dsl1 1 Discard Reasons for the DSL Interface dsl1 2 Discard Reasons for IP Alarms Inquiry Diagnostics and TroubleshootingDiagnostics and Troubleshooting Overview Show alarms Show syslog Syslog enable disableSystem Log Syslog ip ip-addr Show log number Syslog EventsSyslog level level Syslog Messages 1 Level Description Event Reporting Syslog Message DisplaySyslog Messages 2 Level Description Event Ping reply x.x.x.x bytes of data=nn PingPing Test Results Ping reply x.x.x.x Request Timed OUT X.x TraceRouteTraceRoute Test Results Command Line Interface Command Line Interface Feature Document Conventions Command RecallNavigation RFC 1483 Encapsulation Command Line Interface CommandsConfiguration Control Commands Ethernet Frame Format Interface and Service Domain IP Address Ip route create dest-ipdest-mask next-hop-ip remote IP Routing TableDelete eth1ifn dsl1ifn Ip route purge ARP Table Proxy ARP Nat timeout time Nat basic enableNat napt enable Nat basic address ip-addrip-mask Nat basic delete private-ip Nat napt delete udp tcp port Dhcp Server Nat disableDhcp server enable disable Nat purge Dhcp Relay Agent Trap disable enable name of trap IP multicast enable disableIP processing enable disable IP Packet Processing NAT disabled or NAT enabled basic NAT Napt Show Command OutputsShow config Show ip route ip-address Show arp timeoutNAT timeout xx minutes NAT basic mappings Show arp Show dhcp server Show NAT naptShow traps Show interface Show statistics Show alarms Show syslog Show log #Show Dhcp relay Sample show dhcp relay display Configuration Defaults Command Line Shortcuts Configuration Default Settings Bytes ParadyneAbc123 Customer Command Line Input Shortcuts Table B-2. Command Line Input Shortcuts 1 Table B-2. Command Line Input Shortcuts 2 Table B-2. Command Line Input Shortcuts 3 Show interface dsl1 eth1 Configuration Defaults & Command Line Shortcuts Traps Overview Traps & MIBsSnmp Overview DSL Router Traps Variable Binding MIB II RFC MIBs OverviewStandard MIBs System Group Ssssssssssss Boot bb.bb.bb 2nd Boot xx.xx.xx DSP System IfEntry Interfaces Group RFCInterfaces Yy.yy.yy H/W Releasezzz CCA part numberº IfOperStatus Specifies the current DSL interface IP Group RFC Table C-5. IP Group Objects 1 Description Setting/ContentsExtension to Interfaces Table RFC Table C-5. IP Group Objects 2 Description Setting/Contents IP Cidr Route Group RFC Transmission Group IpCidrRouteEntry 11 ± Snmp Group Ethernet-Like MIB RFC NoOp1 Paradyne Enterprise MIBsDevice Control MIB Active1 Device Diagnostics MIB ApplpingTestEntry Traceroute AppTracerouteResultsEntry ConfigureApplTracerouteResultsEntry DevStatus Health and Status MIBDevStatus1 Configuration MIB Factory1-to-active8 Primary Interface Configuration MIBPdnInetIpAddressTableEntry Secondary Dhcp MIB DSL Endpoint MIB Syslog MIB DSL Router Terminal Emulation Accessing the List Command OutputDSL Router Terminal Emulation Terminal Emulation Programs Index Numbers IN-2 IN-3