Nokia M1112 Network Router User Manual


 
M1112 Administrator Manual
E Copyright Nokia Networks Oy
C33907001SE_00
2-8
self-learning bridge supporting up to 1024 MAC addresses. Bridging
is done between the Ethernet 10Base-T interface and each ATM VCC
interface. Optionally, the bridging between the VCCs can be disabled.
2.2.4 Network Address Port Translation
M1112 supports Network Address Port Translation (NAPT) for
TCP/IP, UDP/IP and ICMP/IP protocols. When NAPT is used, a single
IP address is allocated to a VCC which leads to the public IP network.
The Ethernet subnet has private IP addressing and is not visible to the
VCC. NAPT translates the IP source address and source port number
dynamically to the VCC IP address and port number. Similarly,
packets coming from the VCC are mapped back to the original
destination addresses. NAPT allows up to hundreds of hosts to share a
single VCC IP address to the public network. The principle of Network
Address Port Translation is presented in Figure 2-4.
NAPT router
192.168.1.254
195.112.12.161
src:192.168.1.112:1228
dst:194.112.11.111:80
src:194.112.11.111:80
dst:192.168.1.112:1228
src:195.112.12.161:50001
dst:194.112.11.111:80
src:194.112.11.111:80
dst:195.112.12.161:50001
Home network (LAN) Internet (WAN)
Figure 2-4 Principle of Network Address Port Translation
NAPT may restrict the operation of some IP applications. NAPT also
operates as a simple IP firewall because translation is only allowed
when the first packet is transmitted from the LAN. This means that the
NAPT table entry is created only when a packet is sent from the home
network to the Internet. With server support capability, the user can
add static entries to the NAPT table allowing the translation always in
both directions. This capability is used to add servers (HTTP, NNTP,
and FTP), which are visible to the public IP network via the VCC, on
the LAN subnet.
NAPT supports most IP-based protocols. Because NAPT operates on
the IP and transport layer, the application that includes IP address and
port within the payload will not work properly through NAPT. In many
cases, these applications can be passed through the NAPT using