Configuring dns mapping, Configuring nat aging time, Configuring nat alg – H3C Technologies H3C S12500 Series Switches User Manual

102

Configuring DNS mapping

With DNS mapping, an internal host can access an internal server on the same private network by using
the domain name of the internal server when the DNS server resides on the public network.
To configure a DNS mapping:

Step Command

1.

Enter system view.

system-view

2.

Configure a DNS mapping.

nat dns-map domain domain-name protocol pro-type ip global-ip port
global-port

Configuring NAT aging time

NAT aging time configuration supports multiple protocols.
To set the NAT aging time:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Set NAT aging time for
a specific protocol.

nat aging-time { dns |
ftp-ctrl | ftp-data | icmp |
no-pat | pptp | tcp |

tcp-fin | tcp-syn | udp }

seconds

Optional.
The default NAT aging time varies by protocol:

•

10 seconds for DNS.

•

300 seconds for FTP control links.

•

300 seconds for FTP data links.

•

10 seconds for ICMP.

•

240 seconds in NO-PAT mode.

•

300 seconds for PPTP.

•

300 seconds for TCP.

•

10 seconds for TCP FIN and RST connections.

•

10 seconds for TCP SYN connections.

•

240 seconds for UDP.

Configuring NAT ALG

NAT ALG configuration supports multiple protocols.
To configure NAT ALG:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable NAT ALG.

nat alg { all | dns | ftp | h323 | ils
| nbt | sip }

Optional.
By default, NAT ALG is enabled.