XSR User’s Guide
IP Routing Protocols Chapter 5
Configuring IP
CIDR addressing also enables route aggregation, in which a single high-level
route entry can represent many lower-level routes in the global routing
tables. This reduces the routing table size. The XSR supports CIDR, which is
always enabled. The ip address <0-32> command implements CIDR.
Network Address Translation
Network Address Translation (NAT) maps IP addresses from one address realm
to another, providing transparent routing to end hosts. Using Port and
Address Translation (NAPT), the protocol provides a way for many users to
share one global IP address. NAT also enhances access security by only
allowing certain global addresses to access the private network.
NAT is limited in some respects: it requires additional processing in the fast
path, which can impact packet delivery speed. Also, applications that
bundle the host IP address inside the payload do not interoperate with NAT
because the host IP address does not match the address in the IP header. A
special translation agent known as an Application Level Gateway (ALG) is
employed to allow such programs on a host in one address realm to
transparently connect to their counterparts running on a host in a different realm.
The XSR implements traditional NAT (RFC 3022). It has two forms:
• Basic NAT - Hosts on the private network are mapped statically to
  global addresses. There are two kinds of basic NAT:
  – One-to-one mapping - Each host is supplied a one-to-one mapping,
    on the private network, to a global address. Hosts without
    mappings are not NATted.
  – Pool mapping - A pool of global addresses is defined. Hosts on the
    private network are mapped to global addresses on a first-come,
    first-served basis. Once a global address is selected, static mapping
    is performed.
• NAPT - Both the source address and source port of hosts on the
  private network are translated. The global address is that of the
  egress interface. Hosts on the private network all share the same
  global address (based on the egress interface).
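The pool mapping and NAPT behaviour listed above, together with the payload mismatch that calls for an ALG, modelled as an added Python example (not code from the XSR guide or the XSR itself). The class and function names, the starting port 20000, the addresses and the CALLBACK payload are all constructed assumptions.

```python
import re

class PoolNat:
    """Basic NAT, pool mapping: private host -> global address, first come, first served."""
    def __init__(self, pool):
        self.free = list(pool)   # unassigned global addresses
        self.table = {}          # private_ip -> global_ip; fixed once selected

    def outbound(self, src_ip):
        if src_ip not in self.table:
            if not self.free:
                return None      # pool exhausted: this host cannot be translated
            self.table[src_ip] = self.free.pop(0)
        return self.table[src_ip]

class Napt:
    """NAPT: every private host shares the egress interface address."""
    def __init__(self, egress_ip, first_port=20000):   # first_port is an assumption
        self.egress_ip = egress_ip
        self.next_port = first_port
        self.out = {}            # (private_ip, private_port) -> global_port
        self.back = {}           # global_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, payload):
        key = (src_ip, src_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        # Only the header is rewritten; the payload passes through unchanged.
        return self.egress_ip, self.out[key], payload

    def inbound(self, dst_port):
        # A reply is delivered only if an outbound flow created the mapping.
        return self.back.get(dst_port)

def stale_addresses(header_src, payload):
    """Addresses embedded in the payload that no longer match the IP header."""
    found = re.findall(rb"\d{1,3}(?:\.\d{1,3}){3}", payload)
    return [a.decode() for a in found if a.decode() != header_src]

if __name__ == "__main__":
    napt = Napt("203.0.113.1")                    # constructed egress address
    msg = b"CALLBACK 10.0.0.5:5000"               # constructed payload
    ip, port, data = napt.outbound("10.0.0.5", 5000, msg)
    print(ip, port, stale_addresses(ip, data))    # payload still names 10.0.0.5
    print(napt.inbound(port), napt.inbound(40000))
```

The non-empty result from `stale_addresses` after translation is the condition an ALG exists to repair: the header carries the global address while the payload still advertises the private one.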
Features
The following NAT features are supported on the XSR:
• Basic NAT - One-to-one mapping based on global (independent of
  interface) static mapping table. Mapping is permanent and is deleted
  only if the configuration is removed.