Dns mapping, Low-priority address pool – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 286
265
Figure 238 Internal server operation
DNS mapping
Generally, the DNS server and users that need to access internal servers reside on the public network.
You can specify an external IP address and a port number for an internal server on the public network
interface of a NAT device, so that external users can access the internal server using its domain name or
pubic IP address. As shown in
, an internal host wants to access an internal Web server by
using its domain name, and the DNS server is located on the public network. Typically, the DNS server
replies with the public address of the internal server to the host and thus the host cannot access the
internal server. The DNS mapping feature can solve the problem.
Figure 239 Diagram for NAT DNS mapping operation
A DNS mapping entry records the domain name, public address, public port number, and protocol type
of an internal server. After receiving a DNS reply, the NAT-enabled interface matches the domain name
in the message against the DNS mapping entries. If a match is found, the interface replaces the public
IP address in the reply with the private IP address of the internal server. Then, the host can use the private
address to access the internal server.
Low-priority address pool
An address pool is a set of consecutive public IP addresses used for dynamic NAT. A NAT gateway
selects addresses from the address pool and uses them as the translated source IP addresses.
To implement NAT for stateful failover (asymmetric-path), you must configure the same address pool on
both devices so that one device can take over when the other device fails. However, if the two devices
192.168.1.3
192.168.1.1
20.1.1.1
1.1.1.2
NAT
Intranet
Internet
Host
Server
Dst : 20.1.1.1:8080
Dst : 192.168.1.3:8080
Src : 192.168.1.3:8080
Src : 20.1.1.1:8080
Before NAT
20.1.1.1:8080
After NAT
192.168.1.3:8080
Direction
Inbound