Re: (ASCEND) Q. Can you run servers behind Pipeline (running NAT)?

To: Ascend User-Group <ascend-users@bungi.com>
Subject: Re: (ASCEND) Q. Can you run servers behind Pipeline (running NAT)?
From: Kevin Smith <kevin@ascend.com>
Date: Wed, 12 Nov 1997 15:47:58 -0800
Cc: "Edwin Yeh" <ery2@po.cwru.edu>
In-Reply-To: <01bcefb6$455647e0$cdc8c8c8@test.asapinc.com>
Sender: owner-ascend-users@max.bungi.com

At 04:59 PM 11/12/97 -0500, Edwin Yeh wrote:
>I don't know exactly how NAT works. (I'll be interested to know. All I can
>guess, is that when the packet exists the router, somehow the header
>information is wrapped.)
>
>But can you run servers (such as ftp server or web server) behnid the
>Pipeline router (running NAT)?
>
>In other words, is there a way for outside users to point to a specific
>machine inside the NAT subnet.

See the 5.1A release notes for details, but here's an extract:

==========
• For incoming calls, the Pipeline can perform NAT for multiple hosts on the 
local network using its own IP address. The MAX routes incoming packets for 
up to 10 different TCP or UDP ports to specific servers on the local network. 

Translations between the local network and the Internet or remote network are 
static and need to be preconfigured. You need to define a list of local
servers
and the UDP and TCP ports each would handle. You can also define a local 
default server that handles UDP and TCP ports not listed.

For example, you can configure the Pipeline to route all incoming packets for 
TCP port 80—the standard port for HTTP—to port 80 of a World Wide Web server 
on the local network. The port you route to does not have to be the same as
the 
port specified in the incoming packets. For example, you can route all
packets 
for TCP port 119, the well known port for Network News Transfer Protocol, to 
port 1119 on a Usenet News server on the local network. You can also specify 
a default server that receives any packets that aren’t sent to one of the 
routed  ports. If you don’t specify any routed ports but do specify a default 
server, the default server receives all packets from the remote network that 
are sent to the Pipeline.

When you configure the Pipeline to route incoming packets for a particular
TCP 
or UDP port to a specific server on the local network, multiple hosts on the 
remote network can connect to the server at the same time. The number of 
connections is limited only by the amount of memory the Pipeline has
available.

==========

To the outside world, your whole NAT subnet will "hide" behind a single
IP address. All "real" addresses behind the NAT Pipeline will be proxied
by the Pipeline to that one address, the Pipeline keeps track by using
dynamic/different port numbers for each session.

You can use the static port mappings to take care of your
requirements....all resources will look like they are on the same IP
address, and the Pipeline will distribute the incoming packets (ftp/http
etc.) to the appropriate internal/local address based on static mappings
per port/socket. 

For example, you may assign:

port 80 (http) to internal/local IP address 10.20.10.171
port 21 (ftp) to internal/local IP address 10.20.10.172

while to the outside world they all look like the "assigned address".

Your DNS will have to be configured appropriately too.

Kevin

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

References:

(ASCEND) Q. Can you run servers behind Pipeline (running NAT)?

From: "Edwin Yeh" <ery2@po.cwru.edu>

Prev by Date: Re: (ASCEND) Radius Ascend-Data-Rate for 56K
Next by Date: Re: (ASCEND) Q. Can you run servers behind Pipeline (running NAT)?
Prev by thread: Re: (ASCEND) Q. Can you run servers behind Pipeline (running NAT)?
Next by thread: Re: (ASCEND) Q. Can you run servers behind Pipeline (running NAT)?
Index(es):
- Main
- Thread