TMS zl Management and Configuration Guide ST.1.2.100916
Network Address Translation
NAT Operations
Many-to-One
With many-to-one source NAT, many local devices share the same IP address
in the destination network. That is, the module translates each source IP
address to the same new IP address. However, each local device retains its
own source port. Return traffic to the local devices is all destined to the same
IP address but to different ports. Thus the module can forward return traffic
to the correct device. The TMS zl Module will perform many-to-one NAT if you
specify multiple source addresses and one NAT address.
This is the most commonly used type of source NAT.
The source and destination IP address (SA, DA) and port fields (SP, DP) in five
outbound IP packet headers are shown in Table 5-2. The translated fields are
shown with shading. Notice that the source port is translated only if two
devices have the same original source port. The module keeps track of this
change so that it can correctly translate reverse traffic to these devices.
Table 5-2. Many-to-One Source NAT

Before NAT                                   After NAT
SA1         SP1     DA1             DP1      SA2             SP2      DA2             DP2
10.1.1.10   50055   172.16.122.63   80       192.168.5.23*   50055    172.16.122.63   80
10.1.1.11   50056   192.168.2.77    21       192.168.5.23*   50056    192.168.2.77    21
10.1.1.12   50057   172.16.222.8    88       192.168.5.23*   50057    172.16.222.8    88
10.1.1.13   50058   192.168.2.75    53       192.168.5.23*   50058    192.168.2.75    53
10.1.1.14   50055   172.16.53.78    69       192.168.5.23*   57574*   172.16.53.78    69

* Translated field (shaded in the original table).

Many-to-Many
With many-to-many source NAT the module assigns each local device that
attempts to reach the destination network a separate IP address in that
network. A range of new IP addresses is available. The TMS zl Module
translates the source IP address into one of the NAT IP addresses, and the source
port is the same as the original. If a NAT IP address cannot be allocated
dynamically at the connection-creation time because all of the addresses are
in use, the packet is dropped (the module treats a many-to-many policy as an
incomplete one-to-one policy).
The TMS zl Module will perform many-to-many NAT if you specify multiple
source addresses and multiple, but fewer, NAT addresses.
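
The following is an added example, not code from this guide or from the TMS zl Module: a toy Python model of the two source NAT modes, fed with the flows from Table 5-2. The class names, the way a replacement port is chosen, the pool addresses used in testing, and matching return traffic on the NAT port alone are assumptions made for illustration.

```python
# Added example: toy model of many-to-one and many-to-many source NAT.
# Simplification (assumption): return traffic is matched on NAT port only.

class ManyToOneNat:
    def __init__(self, nat_ip, spare_ports):
        self.nat_ip = nat_ip
        self.spare = iter(spare_ports)  # assumption: replacement-port source
        self.out = {}                   # (orig SA, orig SP) -> NAT port
        self.back = {}                  # NAT port -> (orig SA, orig SP)

    def translate(self, sa, sp):
        key = (sa, sp)
        if key not in self.out:
            port = sp                   # keep the original port when possible
            while port in self.back:    # collision with another device's session
                port = next(self.spare)
            self.out[key], self.back[port] = port, key
        return self.nat_ip, self.out[key]

    def reverse(self, nat_port):
        # None means no session exists, so return traffic cannot be delivered
        return self.back.get(nat_port)


class ManyToManyNat:
    def __init__(self, pool):
        self.free = list(pool)
        self.bound = {}                 # orig SA -> NAT address

    def translate(self, sa, sp):
        if sa not in self.bound:
            if not self.free:
                return None             # pool exhausted: packet is dropped
            self.bound[sa] = self.free.pop(0)
        return self.bound[sa], sp       # source port is left unchanged


# Outbound (SA, SP) pairs from Table 5-2
TABLE_5_2 = [("10.1.1.10", 50055), ("10.1.1.11", 50056), ("10.1.1.12", 50057),
             ("10.1.1.13", 50058), ("10.1.1.14", 50055)]

def run_table_5_2():
    nat = ManyToOneNat("192.168.5.23", spare_ports=[57574])
    return nat, [nat.translate(sa, sp) for sa, sp in TABLE_5_2]

if __name__ == "__main__":
    nat, rows = run_table_5_2()
    for (sa, sp), (nsa, nsp) in zip(TABLE_5_2, rows):
        print(f"{sa}:{sp} -> {nsa}:{nsp}")
    print("return traffic to port 57574 ->", nat.reverse(57574))
```

The model does not release addresses or ports when connections close, so it shows only the allocation and drop behavior described in the text.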