Technologies and application scenarios adopted by the firewall CGN
The firewall CGN adopts the following technologies and application scenarios:
The NAT function is deployed on the gateway and the egress of the carrier's network to implement a 2-level address translation. Therefore, reuse rate of IPv4 addresses is improved, and the address resource exhaustion issue is relieved.
-Port Control Protocol (PCP)
The PCP provides a mechanism to enable an upstream device (such as a NAT444 device or a firewall) to control the forwarding of received packets and reduce keepalive traffic of applications.
You can configure mappings among private IP address pool, public IP address pool, and port range in static mode. The firewall can translate and authenticate addresses based on the mappings.
By applying the NAT technology on tunnels, the issue in which private IPv4 users access the IPv4 Internet by crossing the IPv6 network is addressed.
-Port pre-allocation and incremental allocation
This is an enhanced NAT technology. Before the NAT is implemented, the system pre-allocates a port range to users, so that traffic from these users is processed by ports within this port range.
This technology addresses the issue of mutual access between IPv4 network and IPv6 network.