3Com Switch 8800 Advanced Software V5 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 9400sl 4-Port 10-GbE Module

981

982

983

984

985

986

987

988

989

990

NAT Configuration Task List 989

scalability. The special protocols supported by the Switch 8800s include: Internet

control message protocol (ICMP), domain name system (DNS), Internet locator

service (ILS), and NetBIOS over TCP/IP (NBT).

NAT multiple-instance

This feature allows users from different MPLS VPNs to access external networks

through the same outbound interface. It also allows them to have the same

internal network address. The process works as follows:

When an MPLS VPN user communicates with an external network, NAT replaces

its internal IP address and port number with the NAT gateway’s external IP address

and port number. It also records the relevant MPLS VPN information, such as the

protocol type and router distinguisher (RD for short). When the response packet

arrives, the NAT gateway then restores the external IP address and port number to

the internal IP address and port number. Additionally, the NAT gateway can

identify the users who access the external network. Besides NAT, NAPT also

supports multiple-instance.

The multiple-instance feature can also apply to internal servers so that external

users can access an internal host of an MPLS VPN. For example, in MPLS VPN1, the

host that provides WWW service has an internal address 10.110.1.1. The host can

use 202.110.10.20 as an external IP address so that the Internet users can access

the WWW service in MPLS VPN1 through this external address.

NAT Configuration

Task List

Follow the following steps to configure NAT:

To do... Use the command... Remarks

Enter system view system-view -

Define an address pool nat address-group

group-number start-address

end-address

Optional

Not necessary when the

switch has been configured

with Easy IP.

Configure address translation Refer to “Configuring

Address Translation” on page

990.

Required

Configure an internal server Refer to “Configuring Internal

Server” on page 991.

Optional

Enable NAT application layer

gateway

nat alg { all | dns | ftp | ils |

nbt }

Optional

Enabled by default

Currently, the NAT ALG

supports only standard ports

for DNS, FTP, ILS, and NBT.

Configure the binding Refer to “Configuring the

Binding” on page 992

Required

Configure NAT log Refer to “Configuring NAT

Log” on page 993

Optional

Disabled by default

Configure connection-limit Refer to “Configuring

Connection-limit” on page

996

Optional

Disabled by default