About Network Address Translation (NAT) – Allied Telesis AT-WL2411 User Manual

AT-WL2411 Version 1.80 Installation and User’s Guide
About Network Address Translation (NAT)
NAT allows a single IP address to be shared by more than one device. The
access point can act as a NAT server, which instantaneously rewrites IP
addresses and port numbers in IP headers so that packets all appear to
be coming from (or going to) the single IP address of the access point
instead of the actual source or destination.

When a device uses the access point as an IP router, the access point
replaces the IP header, which includes the device’s MAC address, IP
source address, and TCP/UDP port, with its own. You can configure the
DHCP server to indicate that the access point is the IP router when the
server allocates an IP address. Special consideration is given to changing
the FTP data connection TCP port number, which is in the body of the
TCP packet. After the packet source is modified, it is forwarded to the
proper subnet.

If the destination subnet is not the same subnet as the access point’s
Ethernet network, the destination MAC address is changed to that of the
IP router that has been configured for the access point. If the destination
subnet is the same subnet as the access point’s Ethernet network, the
access point sets the destination MAC address to the MAC address that
belongs to the destination IP address. This may involve using ARP for
MAC address discovery.

When the access point receives a packet addressed to its own IP address,
it identifies the need for address translation by inspecting the
destination port number. If the port number is within the pool reserved
for NAT operation, it looks up the original MAC address, IP address, and
port number. The packet is then modified and forwarded to the end device.

NAT operation is disabled or enabled automatically depending on the
continuous range of addresses you enter into the DHCP server. NAT is
disabled if the range of addresses to be given to DHCP clients is on the
same subnet as the access point. NAT is enabled if the range of
addresses to be given to DHCP clients is not on the same subnet as the
access point; in that case you are creating a virtual network, and the
DHCP server also performs NAT.

When NAT operation is enabled, the access point uses the low address in
the range of addresses as its own. The DHCP/NAT clients also use this
address as their router IP address. These clients can configure the access
point using this internal IP address or the normal external IP address.
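
The translation steps and the automatic enable rule described above, as an added Python example that is not taken from the manual or the access point's firmware. The port pool bounds, the function and class names, and the sample addresses are assumptions; a DHCP range that only partly overlaps the access point's subnet is treated here as off-subnet.

```python
import ipaddress

# Assumed pool bounds for illustration; the manual does not state them.
NAT_PORT_POOL = range(50000, 50016)


def nat_enabled(ap_interface: str, dhcp_low: str, dhcp_high: str) -> bool:
    """NAT is on when the DHCP range is not on the access point's subnet."""
    subnet = ipaddress.ip_interface(ap_interface).network
    low = ipaddress.ip_address(dhcp_low)
    high = ipaddress.ip_address(dhcp_high)
    # Assumption: a range that straddles the subnet boundary counts as off-subnet.
    return not (low in subnet and high in subnet)


class NatTable:
    """Port-based translation table keyed on the reserved NAT port pool."""

    def __init__(self, ap_ip: str):
        self.ap_ip = ap_ip
        self.by_port = {}  # pool port -> (client MAC, client IP, client port)
        self.by_flow = {}  # (client MAC, client IP, client port) -> pool port

    def outbound(self, mac: str, src_ip: str, src_port: int):
        """Rewrite a client's source to the AP address and a pool port."""
        flow = (mac, src_ip, src_port)
        if flow not in self.by_flow:
            free = next((p for p in NAT_PORT_POOL if p not in self.by_port), None)
            if free is None:
                raise RuntimeError("NAT port pool exhausted")
            self.by_flow[flow] = free
            self.by_port[free] = flow
        return self.ap_ip, self.by_flow[flow]

    def inbound(self, dst_ip: str, dst_port: int):
        """Return the original (MAC, IP, port), or None if not translated."""
        if dst_ip != self.ap_ip or dst_port not in NAT_PORT_POOL:
            return None  # outside the pool: not NAT traffic
        return self.by_port.get(dst_port)  # None when no client owns the port
```

An inbound packet is forwarded to a client only when its destination port is inside the pool and already has a mapping created by that client's outbound traffic; everything else returns `None`.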