Specifications
17.7. CIDR, classless inter-domain routing
When there are several classless networks, maintaining a routing table entry for each
individual network can be tedious. In CIDR routing, a contiguous address space made up of
several smaller networks is referenced with one routing entry that has the netmask of a larger network.
An example would be networks 10.10.10.0/29, 10.10.10.8/29, 10.10.10.16/29 and 10.10.10.24/29.
All of these networks can be referenced with only one CIDR network address with a shorter netmask,
10.10.10.0/27.
See RFC 1519 for more information on CIDR.
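The aggregation above can be checked mechanically. The following Python sketch is an added example, not part of the original manual: it collapses the four /29 networks into their summary route and reports any part of a proposed summary that none of the member networks accounts for. The function names and the three-network case are constructed for illustration.

```python
import ipaddress

# The four /29 networks from the text.
PAGE_NETWORKS = ["10.10.10.0/29", "10.10.10.8/29",
                 "10.10.10.16/29", "10.10.10.24/29"]

def summarize(prefixes):
    """Collapse prefixes into the fewest CIDR blocks covering exactly the same addresses."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

def uncovered_by_members(summary, prefixes):
    """Return the parts of `summary` that no member prefix accounts for.

    A non-empty result means the summary route would also match addresses
    outside the listed networks, so traffic for them would follow it too.
    """
    remaining = [ipaddress.ip_network(summary)]
    for member in (ipaddress.ip_network(p) for p in prefixes):
        next_remaining = []
        for block in remaining:
            if block.subnet_of(member):
                continue  # block is fully accounted for by this member
            if member.subnet_of(block):
                # Carve the member out of the block, keep the rest.
                next_remaining.extend(block.address_exclude(member))
            else:
                next_remaining.append(block)  # disjoint, unchanged
        remaining = next_remaining
    return [str(n) for n in ipaddress.collapse_addresses(remaining)]

if __name__ == "__main__":
    print(summarize(PAGE_NETWORKS))
    print(uncovered_by_members("10.10.10.0/27", PAGE_NETWORKS))
    # Constructed case: 10.10.10.24/29 is missing, so /27 over-covers.
    partial = PAGE_NETWORKS[:3]
    print(summarize(partial))
    print(uncovered_by_members("10.10.10.0/27", partial))
```

With only three of the four networks present, the exact summary is a /28 plus a /29, and a /27 entry would additionally route 10.10.10.24/29.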
17.8. Network address translation
S-NAT
S-NAT is an acronym for "Source Network Address Translation". The most typical use case for
S-NAT is that there is a computer in the Arctic's LAN, which is implemented with private IP
addresses. The computer needs to access the Internet, e.g. in order to browse WWW pages or
to send an email. As the private IP addresses are not routable, they cannot be used for connecting
to the Internet. Instead, an S-NAT "masquerade" is used.
In this technique, the Arctic hides the intranet LAN IP addresses by converting the source IP
addresses of the packets coming from the intranet to the public IP address of the Arctic's WAN
interface. There may also be an additional S-NAT made by the (cellular) network provider. The Arctic
keeps a table for sending the return packets coming from the Internet back to their original
recipient in the intranet.
D-NAT
D-NAT is an acronym for "Destination Network Address Translation". A typical case for D-NAT
in the Arctic is when the private access point of a cellular network is used. D-NAT is used to forward
packets coming to the static IP address of the Arctic's WAN interface to the private IP address of the
device connected to the Arctic's LAN. Correspondingly, S-NAT is used for connections initiated by a
host in the Arctic's intranet for forwarding them to the WAN network.
Another example of using D-NAT is when there are overlapping private networks behind several
Arctics. In this case, the routing cannot be arranged via Arctics' IP addresses, as they seem to
belong to the same network, but in reality they're in different sites having the same private IP
addressing.
Here the routing cannot be arranged with the Arctics' LAN network addresses, but instead the VPN
peer addresses of the Arctics are used. Each Arctic will then use D-NAT (in combination with
S-NAT) to forward the packets to the proper host in the intranet and vice versa.
See RFC 3022 and RFC 4008 for more information on the NAT techniques.
18. Appendix B: Connection establishment
This appendix describes the connection setup between the Arctic and the M2M Gateway. In addition,
the VPN tunnel establishment is described.
The dilemma with remote, cellular connected devices is the lack of fixed IP addresses that would
be used for connecting to the remote device. While private access points from a cellular operator are
one answer to the problem, they're typically an expensive solution.
The Viola M2M solution answers the dilemma by providing fixed IP addresses to the remote
devices via a VPN tunnel. In addition to that, the Viola M2M solution can work with private access
points, adding value in the form of proven, ready-made VPN tunneling.