Manualshelf

User`s guide

ManualsBrandsEnterasys ManualsComputer equipmentANG-3000
111112113114115116117118119120
XSR Users Guide 85
Chapter 5 IP Routing Protocols
Configuring IP
Port and Address Translation (NAPT)
Standard Access Control Lists (1-99) only supported
Application Level Gateway (ALG):
FTP
ICMP
Netbios over TCP and UDP
Multiple ISP - NAPT based on the egress interface
With NAPT, routing is not automatically filtered out. Use distribution
lists to ensure global networks are advertised out of external ports.
NAPT can be configured for VPN interfaces.
IPSec support
Out-bound packets are processed first by NAT, then forwarded to
IPSec for encryption.
In-bound packets are processed by NAT after IPSec decryption.
Virtual Router Redundancy Protocol
The Virtual Router Redundancy Protocol (VRRP) provides redundancy and
load sharing of multiple IP default gateways on a single LAN without
requiring that LAN's hosts to run a routing protocol. VRRP configures
multiple IP routers on one broadcast LAN to form a single Virtual Router
(VR), which has both a unique virtual IP and virtual MAC address.
The advantage of this protocol is that hosts on a LAN can switch from one IP
router to another (in case of failure) without changing their routing
configuration or running additional protocols. Load balancing can also be
implemented by configuring multiple VRRP routers across multiple IP
routers, with each IP router being the master of a different virtual router.
VRRP is an alternative to dynamic types of router discovery such as proxy
ARP, RIP and IRDP in that it specifies a group of statically configured default
gateways on the client. For example, Figure 9 below shows a LAN topology
where XSRs 1 and 2 are VRRP routers (running VRRP) comprising one virtual
router (VRRP group). The IP address of the VR matches that of the Ethernet
interface of XSR1 (10.10.10.1).