Important notes – Netopia R5300 User Manual
Page 258
C-6 User’s Reference Guide
The WWW ser ver on the Internet would then have to use the single valid IP address that was acquired on the
Netopia R5000 Series Router's WAN inter face to access any host on the Netopia R5000 Series Router's local
LAN inter face, since this is the only valid address for the Internet. But if the WWW ser ver on the Internet opens
a connection to 200.1.1.40 via por t 21 (FTP) and no expor ted ser vices are defined on the Netopia R5000
Series Router, the Netopia R5000 Series Router will discard the incoming packet since the Netopia R5000
Series Router itself does not per form the requested ser vice.
You can see why expor ted ser vices are necessar y. In the example above, an expor ted ser vice needs to be
defined within the Netopia R5000 Series Router redirecting any incoming IP traffic with a destination por t of 21
to the host on the local LAN inter face with the IP address of 192.168.5.3.
If the WWW ser ver on the Internet then tries to open a connection to the IP address of 200.1.1.40 with the
appropriate Expor ted Ser vice defined, the Netopia R5000 Series Router will look at the destination por t and will
find that it is destined for por t 21 (FTP). The Netopia R5000 Series Router then looks at the internal
user-defined expor ted ser vices table and finds that any incoming IP traffic from the WAN por t with a destination
of por t 21 (FTP) should be redirected to the IP address of 192.168.5.3 on the local LAN inter face, which in this
case is Workstation B.
Once the appropriate expor ted ser vices are defined, there can be seamless communication between a host on
the Internet and a host on the Netopia R5000 Series Router’s local LAN inter face.
IIIIm
m
m
mp
p
p
po
o
o
orrrrttttaa
a
an
n
n
ntttt n
n
n
no
o
o
ottttee
e
essss
Even with the advantages of NAT, there are several things you should note carefully:
■
There is no formally agreed-upon method among router vendors for handling an all-zeros IPCP request. The
majority of router vendors use the all-zeros IPCP request to determine when a dial-in host wants to be
assigned an IP address. Some vendors however attempt to negotiate and establish routing with an
all-zeros IP address. The Netopia R5000 Series Router will not allow routing to be established with an
all-zeros IP address and the call will be dropped with an error logged in the Device Event Histor y.
■
When using NAT it is most likely that the Netopia R5000 Series Router will be receiving an IP address from
a pool of dynamic IP addresses at the ISP. This means that the Netopia R5000 Series Router's IP presence
on the Internet will change with each connection. This can potentially cause problems with devices on the
Internet attempting to access ser vices like WWW and FTP ser vers or AURP par tners on the Netopia R5000
Series Router’s local LAN inter face. In this case, if a dynamic IP address is assigned to the WAN inter face
of the Netopia R5000 Series Router each time, the administrator of the Netopia R5000 Series Router will
have to notify clients who want to access ser vices on the Netopia R5000 Series Router’s LAN inter face of
the new IP address after each connection.
■
With NAT enabled, there cannot be two or more of the same types of ser vice accessible from the Internet
on the LAN inter face of the Netopia R5000 Series Router. For example, there cannot be multiple FTP
ser vers (Por t 23) on the Netopia R5000 Series Router's LAN inter face that can be accessible by
workstations on the Internet. This is because there is no way within the Netopia R5000 Series Router and
IP to distinguish between multiple ser vers using the same por t, in this case por t 23.
■
Fictional IP addresses may be assigned on the Netopia R5000 Series Router’s LAN inter face. It is strongly
recommended that for the Netopia R5000 Series Router’s LAN inter face, an IP address from the Class C
address range of 192.168.X.X be used. This is because this range is defined by the IANA as an address
space that will never be routed through the Internet and is to be used by private Intranets not attached to