I have a NAT question for everyone. I am wondering if it is possible to
statically map a single external (world routable) IP address to more than
one specific internal (unroutable) IP address. That is, can I configure
our router to translate the traffic from 172.16.2.22 and 172.16.2.23 to
206.132.75.212?

The reason I would want to do this is so that I can install mail servers
that identify themselves with the same name on the two machines on the 172
network, and that will resolve correctly when a remote mail server does a
reverse lookup.

Fig 1:

IP: 172.16.2.22
sysname: mail001.example.com
mailer name: mailer.example.com
+---------+           |           NAT IP: 206.132.75.196
|         |           |           A RR: mailer.example.com
| mail001 +-----------+           PTR RR: mailer.example.com
|         |           |           +---------+
+---------+           |           |         |
                      +-----------+  rtr 1  |
+---------+           |           |         |
|         |           |           +---------+
| mail002 +-----------+
|         |           |
+---------+           |
IP: 172.16.2.23
sysname: mail002.example.com
mailer name: mailer.example.com

For example, suppose mail001 originates a connection to mx.cisco.com and
identifies itself as mailer.example.com. mx.cisco.com identifies that this
connection is coming from mailer.example.com at IP 206.132.75.196. Being
a well-configured mailer, mx.cisco.com does a reverse DNS lookup to verify
that the PTR resource record for 206.132.75.196 maps to
mailer.example.com. It does, and mx.cisco.com takes the mail. A moment
later, mail002 originates a connection to mx.cisco.com and identifies
itself as mailer.example.com. mx.cisco.com again identifies that this
connection is coming from mailer.example.com at IP 206.132.75.196. It
checks the PTR again, and it matches, and it takes the mail.

Is this configuration possible with Cisco's implementation of NAT? I know
of other NAT implementations that would support this configuration. (The
mailer configuration is not a problem.)

Thanks a bunch,
Marc
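
The scenario in Fig 1, modeled as an added example (not part of Marc's post and not Cisco code): a many-to-one source NAT that tells the two inside hosts apart by port, followed by the remote mailer's PTR check. The class and function names, the port numbers and the forward A-record confirmation are assumptions added here; the DNS records are constructed from the figure.

```python
# Constructed DNS data taken from Fig 1 of the post.
PTR = {"206.132.75.196": "mailer.example.com"}
A = {"mailer.example.com": {"206.132.75.196"}}


class OverloadNat:
    """Hypothetical many-to-one source NAT keyed on (inside ip, inside port)."""

    def __init__(self, outside_ip, inside_hosts, first_port=1024):
        self.outside_ip = outside_ip
        self.inside_hosts = set(inside_hosts)
        self.next_port = first_port
        self.out = {}   # (inside ip, inside port) -> outside port
        self.back = {}  # outside port -> (inside ip, inside port)

    def translate(self, src_ip, src_port):
        """Return the source (ip, port) the remote server sees."""
        if src_ip not in self.inside_hosts:
            return src_ip, src_port  # not covered by the NAT rule
        key = (src_ip, src_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return self.outside_ip, self.out[key]

    def reverse(self, outside_port):
        """Map a reply arriving on outside_port back to the inside host."""
        return self.back.get(outside_port)


def receiver_accepts(peer_ip, helo_name):
    """The remote mailer's check: PTR of the peer IP must equal the HELO name.
    The forward (A record) confirmation is an extra step added here."""
    ptr = PTR.get(peer_ip)
    if ptr is None or ptr.lower() != helo_name.lower():
        return False
    return peer_ip in A.get(ptr, set())


def simulate():
    """Both mail hosts connect from the same inside source port."""
    nat = OverloadNat("206.132.75.196", ["172.16.2.22", "172.16.2.23"])
    rows = []
    for inside_ip in ("172.16.2.22", "172.16.2.23"):
        peer_ip, peer_port = nat.translate(inside_ip, 40000)
        ok = receiver_accepts(peer_ip, "mailer.example.com")
        rows.append((inside_ip, peer_ip, peer_port, ok, nat.reverse(peer_port)))
    return rows
```

Each row returned by `simulate()` shows the inside host, the address and port the remote mailer sees, whether the PTR check passes, and where return traffic is delivered.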