Manualshelf

User guide

ManualsBrandsEfficient Networks ManualsComputer equipmentRouter family Command line interface
919293949596979899100
Chapter 4. Configuring Special Features 91
Network Address Translation (NAT)
The router supports classic NAT (one NAT IP address assigned to one PC IP address) and a NAT technique
known as masquerading (one single NAT IP address assigned to many PC IP addresses).
General NAT Rules
1. IP routing must be enabled.
2. NAT can be run on a per-remote-router basis.
3. Any number of PCs on the LAN may be going to the same or different remote routers at the same time. In
reality, the number of PCs on the LAN that can be supported is limited by how much memory the router
consumes maintaining table information and by how many connections are currently active.
4. Some operations will not work. Specifically, services that place IP address/port information in the data may
not work until the router examines their packets and figures out what information in the data needs to be
changed. Remember that the router is remapping both IP addresses and ports.
5. When using NAT with a remote router, either the remote ISP must supply the IP address for NAT translation
or the user must configure the IP address for NAT translation locally.
6. Any number of PCs on the LAN may have a connection to the same or different remote routers at the same
time. In reality, the number of PCs on the LAN that can be supported is limited by the amount of memory
consumed by the router to maintain table information and by the number of connections the router ÒthinksÓ
are currently active. Theoretically, up to 64,000 active connections per protocol typeÑTCP/UDPÑcan be
concurrently running, if the table space is available.
Masquerading
With masquerading, multiple local (PC) IP addresses are mapped to a single global IP address. Many local (PCs)
IP addresses are therefore hidden behind a single global IP address. The advantage of this type of NAT is that
users only need one global IP address, but the entire local LAN can still access the Internet. This NAT technique
requires not only remapping IP addresses but also TCP and UDP ports.
Each PC on the LAN side has an IP address and a mask. When the router connects to an ISP, the router appears to
be a ÒhostÓ with one IP address and mask. The IP address that the router uses to communicate with the ISP is
obtained dynamically (with PPP/IPCP or DHCP) or is statically configured. When the PC connects to the ISP, the
IP address and port used by the PC are remapped to the IP address assigned to the router. This remapping is done
dynamically.
Client Configuration
¥ Enable NAT
To enable NAT, use the commands:
remote setIpTranslate on <remoteName>
save
The save command makes the above changes persistent across boots; these changes turn NAT on when
you are connected to this remote router.