12 • NAT/NAPT configuration SmartWare Software Configuration Guide134 IntroductionIntroductionThis chapter provides a general overview of Network Address (Port) Translation and describes the tasksinvolved in its configuration.The two most compelling problems facing the IP Internet are IP address depletion and scaling in routing.Long-term and short-term solutions to these problems are being developed. The short-term solution is CIDR(Classless Inter Domain Routing). The long-term solutions consist of various proposals for new internet proto-cols with larger addresses.Until the long-term solutions are ready, an easy way to hold down the demand for IP addresses is throughaddress reuse. This solution takes advantage of the fact that a very small percentage of hosts in a stub domainare communicating outside of the domain at any given time (a stub domain is a domain, such as a corporatenetwork, that only handles traffic originated or destined to hosts in the domain). Indeed, many (if not most)hosts never communicate outside of their stub domain. Because of this, only a subset of the IP addresses insidea stub domain need to be translated into IP addresses that are globally unique when outside communications isrequired.For further information about the functionality of Network Address Translation (NAT) and Network AddressPort Translation (NAPT), consult the RFCs 1631 and 3022. This chapter applies the terminology defined inRFC 2663.SmartWare provides four types of NAT/NAPT:• Dynamic NAPT (Cisco terminology: NAT Overload)• Static NAPT (Cisco terminology: Port Static NAT)• Dynamic NAT• Static NATYou can combine these types of NAT/NAPT without any restriction. One type of profile, the ‘NAPT Profile’,holds the configuration information for all four types where configuration is required. The remainder of thisSection shortly explains the behavior of the different NAT/NAPT types.Dynamic NAPTDynamic NAPT is the default behavior of the NAT/NAPT component. It allows hosts on the local network toaccess any host on the global network by using the global interface address as source address. It modifies notonly the source address, but also the source port, so that it can tell different connections apart (NAPT sourceports are in the range 8,000 to 16,000). UDP and TCP connections from the local to the global network trig-ger the creation of a dynamic NAPT entry for the reverse path. If a connection is idle for some time (UDP: 2minutes, TCP: 12 hours) or gets closed (only TCP), the dynamic NAPT entry is removed.An enhancement of the Dynamic NAPT allows to define subsets of hosts on the local network that shall usedifferent global addresses. Up to 20 subsets with their respective global addresses are possible. Such a globalNAPT address can be any IP address as long as the global network routes the traffic to the global interface ofthe NAT/NAPT component.Note Only the NAT/NAPT component handles global NAPT addresses. Othercomponents of the SmartNode (e.g. the H.323 gateway) are not accessiblevia these addresses.
