Technologies and application scenarios adopted by the firewall CGN


The firewall CGN adopts the following technologies and application scenarios:
The NAT function is deployed on the gateway and the egress of the carrier's network to implement a 2-level address translation. Therefore, reuse rate of IPv4 addresses is improved, and the address resource exhaustion issue is relieved.
-Port Control Protocol (PCP)
The PCP provides a mechanism to enable an upstream device (such as a NAT444 device or a firewall) to control the forwarding of received packets and reduce keepalive traffic of applications.
-Static mapping
You can configure mappings among private IP address pool, public IP address pool, and port range in static mode. The firewall can translate and authenticate addresses based on the mappings.
By applying the NAT technology on tunnels, the issue in which private IPv4 users access the IPv4 Internet by crossing the IPv6 network is addressed.
-Port pre-allocation and incremental allocation
This is an enhanced NAT technology. Before the NAT is implemented, the system pre-allocates a port range to users, so that traffic from these users is processed by ports within this port range.
This technology addresses the issue of mutual access between IPv4 network and IPv6 network.

Other related questions:
Application scenarios of the S1700
S1700 switches are classified into the SNMP-based model, web-managed model, and NMS-free model.

What are the application scenarios of AS
AS applies to enterprise websites, e-commerce, and mobile applications. AS automatically adds new instances to an AS group for applications when necessary and removes extra ones when unnecessary. In this way, you do not need to prepare a large number of ECSs for an expected marketing activity or unexpected peak hours, thereby ensuring system reliability and reducing system operating costs.

What are the application scenarios of CES
The application scenarios of CES include routine management, alarm notification and capacity adjustment.

VPN Application Scenario
Through the communication tunnel between the VPC and your traditional data center created by VPN, you can easily use the ECSs and block storage resources provided by the Open Telekom Cloud platform. Applications can be migrated to the cloud and additional web servers can be deployed to increase the computing capacity on a network. In this way, a hybrid cloud is built, which reduces IT O&M costs and protects enterprise core data from being leaked. VPN supports local gateways created for different VPCs to establish an IPSec VPN tunnel with the same remote gateway.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top