Bidirectional NAT

Bidirectional (or two-way) NAT extends basic NAT with support for the Domain Name System (DNS) so that public hosts can initiate sessions into the private network, usually to reach servers intended for public access.

When an outside host attempts to resolve the name of an inside host on a private network, the NAT router intercepts the DNS reply and installs an address translation to allow the outside host to reach the inside host by using a public address. When the outside host initiates a connection with the inside host on the private network, the NAT router translates that public destination address to the private address of the inside host and, on the return path, replaces the source address with the advertised public address.

You might need to perform some additional configuration to allow public access from the Internet to a DNS server that resides in the private domain. (See Bidirectional NAT Example.)

The address space requirements and routing restrictions described for traditional NAT also apply to bidirectional NAT. The difference between the two methods is that, with bidirectional NAT, the DNS exchange might create entries within the translation table.
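
The following added example (not part of the original documentation and not router code) models the behavior described above: a DNS reply for an inside host installs a translation, inbound packets are translated only when such an entry exists, and return traffic carries the advertised public address. The class name, method names, address pool, and all addresses are constructed for illustration.

```python
import ipaddress

class BidirectionalNat:
    """Toy model of DNS-triggered translation entries (hypothetical names).
    The outbound-initiated allocation of traditional NAT is left out."""

    def __init__(self, inside_net, public_pool):
        self.inside_net = ipaddress.ip_network(inside_net)
        self.free = [ipaddress.ip_address(a) for a in public_pool]
        self.pub_to_priv = {}
        self.priv_to_pub = {}

    def on_dns_reply(self, answer_ip):
        """DNS reply leaving the private network: rewrite the A record."""
        priv = ipaddress.ip_address(answer_ip)
        if priv not in self.inside_net:
            return str(priv)              # not an inside host, pass unchanged
        if priv not in self.priv_to_pub:  # first lookup installs the entry
            if not self.free:
                raise RuntimeError("public address pool exhausted")
            pub = self.free.pop(0)
            self.priv_to_pub[priv] = pub
            self.pub_to_priv[pub] = priv
        return str(self.priv_to_pub[priv])

    def inbound(self, src, dst):
        """Outside to inside: translate the public destination, else drop."""
        priv = self.pub_to_priv.get(ipaddress.ip_address(dst))
        return None if priv is None else (src, str(priv))

    def outbound(self, src, dst):
        """Return path: replace the source with the advertised address."""
        pub = self.priv_to_pub.get(ipaddress.ip_address(src))
        return None if pub is None else (str(pub), dst)


def demo():
    # Constructed addresses: RFC 1918 inside, RFC 5737 documentation ranges outside.
    nat = BidirectionalNat("10.0.0.0/24", ["203.0.113.10", "203.0.113.11"])
    before = nat.inbound("198.51.100.7", "203.0.113.10")  # no DNS exchange yet
    advertised = nat.on_dns_reply("10.0.0.5")              # reply naming inside server
    request = nat.inbound("198.51.100.7", advertised)
    reply = nat.outbound("10.0.0.5", "198.51.100.7")
    return before, advertised, request, reply


if __name__ == "__main__":
    print(demo())
```

Because each entry is created by a name lookup from outside, the set of inside hosts whose names the DNS server will answer for determines which hosts can become reachable, and the size of the public pool bounds how many entries can exist at once.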

