Managing Dynamic Bindings, NAT and DNS – Riverstone Networks WICT1-12 User Manual


Riverstone Networks RS Switch Router User Guide Release 8.0 21-3

Network Address Translation Configuration

Managing Dynamic Bindings

You force address translation of all flows to and from the inside local pool by entering the following command in
Configure mode.

Force all flows to and from local address pool to be translated.

    nat set secure-plus on|off

21.3 MANAGING DYNAMIC BINDINGS

As mentioned previously, dynamic address bindings expire only after a period of non-use or when they are manually
deleted. The default timeout for dynamic address bindings is 1440 minutes (24 hours). You can manually delete
dynamic address bindings for a specific address pool or delete all dynamic address bindings.

To set the timeout for dynamic address bindings, enter the following command in Configure mode.

Set timeout for dynamic address bindings.

    nat set dynamic-binding-timeout <minutes>|disable

To flush dynamic address bindings, enter the following command in Enable mode.

Flush all dynamic address bindings.

    nat flush-dynamic-binding all

Flush dynamic address bindings based on local and global ACL pools.

    nat flush-dynamic-binding pool-specified local-acl-pool <local-acl> global-pool <ip-addr/ip-addr-range/ip-addr-list/ip-addr-mask>

Flush dynamic address bindings based on binding type.

    nat flush-dynamic-binding type-specified dynamic|overloaded-dynamic

Flush dynamic address bindings based on application.

    nat flush-dynamic-binding owner-specified dns|ftp-control|ftp-data

21.4 NAT AND DNS

NAT can translate an address that appears in a Domain Name System (DNS) response to a name or inverse lookup.
For example, if an outside host sends a name lookup to an inside DNS server, the inside DNS server can respond with
a local IP address, which NAT translates to a global address.

To enable NAT DNS translation, enter the following command in Configure mode:

    nat set dns-translation-state enable
