
NAT and ICMP Packets, NAT and FTP – Cabletron Systems SMARTSWITCH ROUTER 9032578-05 User Manual


SmartSwitch Router User Reference Manual


Chapter 16: Network Address Translation Configuration Guide

The default timeout for DNS dynamic address bindings is 30 minutes. You can change this
timeout by entering the following command in Configure mode:

NAT and ICMP Packets

NAT translates addresses embedded in the data portion of the following types of ICMP
error messages:

Destination unreachable (type 3)

Source quench (type 4)

Redirect (type 5)

Time exceeded (type 11)

Parameter problem (type 12)

NAT and FTP

File Transfer Protocol (FTP) packets require special handling with NAT, because the FTP
PORT command packets contain IP address information within the data portion of the
packet. It is therefore important for NAT to know which control port is used for FTP (the
default is port 21) and the timeout for the FTP session (the default is 30 minutes). If FTP
packets will arrive on a different port number, you need to specify that port to NAT.

To define FTP parameters to NAT, enter the following commands in Configure mode.

If PAT is enabled, NAT checks packets for the FTP PORT command. If a packet is to be
translated (as determined by the ACL specified for the dynamic address binding), NAT
creates a dynamic binding for the PORT command. An outside host will only see a global
IP address in an FTP response and not the local IP address.

Specify the timeout for DNS bindings: nat set dns-session-timeout

Specify the FTP control port: nat set ftp-control-port

Specify the FTP session timeout: nat set ftp-session-timeout
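
The PORT handling described under NAT and FTP above, modeled in Python as an added example (not code from the manual or from the router). The addresses, the local range standing in for the ACL, and the port allocation starting at 50000 are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample values; none of these come from the manual.
GLOBAL_IP = "192.0.2.10"                         # assumed global (outside) address
LOCAL_NET = ipaddress.ip_network("10.1.1.0/24")  # assumed local range selected by the ACL

# FTP PORT argument: four address octets, then the port as high byte, low byte.
PORT_RE = re.compile(rb"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n$")


class FtpPortTranslator:
    """Model of NAT rewriting the FTP PORT command when PAT is enabled."""

    def __init__(self, global_ip, local_net, first_port=50000):
        self.global_ip = global_ip
        self.local_net = local_net
        self.next_port = first_port  # assumption: sequential global port allocation
        self.bindings = {}           # (global_ip, global_port) -> (local_ip, local_port)

    def translate(self, payload):
        """Return (new_payload, length_delta); other payloads pass through unchanged."""
        m = PORT_RE.match(payload)
        if not m:
            return payload, 0
        nums = [int(g) for g in m.groups()]
        if any(n > 255 for n in nums):
            return payload, 0  # malformed field: do not translate
        local_ip = ".".join(str(n) for n in nums[:4])
        local_port = nums[4] * 256 + nums[5]
        if ipaddress.ip_address(local_ip) not in self.local_net:
            return payload, 0  # address not selected for translation
        # Create the dynamic binding so the inbound data connection can be mapped back.
        global_port = self.next_port
        self.next_port += 1
        self.bindings[(self.global_ip, global_port)] = (local_ip, local_port)
        fields = self.global_ip.split(".") + [str(global_port >> 8), str(global_port & 0xFF)]
        new_payload = b"PORT " + ",".join(fields).encode("ascii") + b"\r\n"
        # A non-zero delta means later TCP sequence/ack numbers must be adjusted.
        return new_payload, len(new_payload) - len(payload)
```

The length delta is why this translation has to track the control connection: rewriting the address inside the payload changes the TCP segment size.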