R3204P16-HP Load Balancing Module Network Management Configuration Guide-6PW101
Table Of Contents
- Title page
- Contents
- Interface management configuration
- IP addressing configuration
- MAC address table configuration
- Layer 2 forwarding configuration
- Layer 2 forwarding overview
- Configuring general Layer 2 forwarding
- Configuring inline Layer 2 forwarding
- Configuring inter-VLAN Layer 2 forwarding
- Forward-type inline Layer 2 forwarding configuration example
- Blackhole-type inline Layer 2 forwarding configuration example
- Inter-VLAN Layer 2 forwarding configuration example
- VLAN configuration
- ARP configuration
- Gratuitous ARP configuration
- Proxy ARP configuration
- Layer 3 forwarding configuration
- NAT configuration
- Overview
- Configuring a NAT policy in the web interface
- Configuring NAT in the CLIs
- Configuration guidelines
- ALG configuration
- Static route configuration
- RIP configuration
- OSPF configuration
- BGP configuration
- Policy-based routing configuration
- Route displaying
- DNS configuration
- Overview
- Configuring DNS on the web interface
- Configuring DNS in the CLIs
- Troubleshooting IPv4 DNS configuration
- Support and other resources
- Index
83
packet from the internal server arrives, the NAT device translates the private source address of the packet
into the public IP address.
DNS mapping
As introduced, you can specify a public IP address and port number for an internal server on the public
network interface of a NAT gateway, so that external users can access the internal server using its
domain name or pubic IP address.
Figure 42 Diagram for NAT DNS mapping operation
In Figure 42, an internal host wants to access an internal server on the same private network by using its
domain name, while the DNS server is located on the public network. Typically, the DNS server replies
with the public address of the internal server to the host. However, without relevant processing of the NAT
device, the host cannot access the internal server using its domain name. The DNS mapping feature can
solve the problem.
A DNS mapping entry records the domain name, public address, public port number, and protocol type
of an internal server. Upon receiving a DNS reply, the NAT-enabled device matches the domain name in
the message against the DNS mapping entries. If a match is found, the private address of the internal
server is found and NAT replaces the public IP address in the reply with the private IP address. Then, the
host can use the private address to access the internal server.
Support for special protocols
Apart from the basic address translation function, NAT also provides an application layer gateway (ALG)
mechanism that supports some special application protocols without requiring the NAT platform to be
modified, featuring high scalability. The IP addresses or port numbers contained in such protocol
messages may need address translation.
The special protocols that NAT supports include: File Transfer Protocol (FTP), Point-to-Point Tunneling
Protocol (PPTP), Internet Control Message Protocol (ICMP), Domain Name System (DNS), Internet Locator
Service (ILS), Real-Time Streaming Protocol (RTSP), H.323, Session Initiation Protocol (SIP), Netmeeting
3.01, and NetBIOS over TCP/IP (NBT).
Low-priority address pool
An address pool is a set of consecutive public IP addresses used for dynamic NAT. A NAT gateway
selects addresses from the address pool and uses them as the translated source IP addresses.
When two devices in a stateful failover implementation carry out NAT, identical address pools must be
configured on both devices, helping ensure that service traffic is successfully taken over by the other