Candela Technologies Logo
Network Testing and Emulation Solutions

Virtual Router with NAT

Goal: Setup a Virtual Router with one interface performing NAT on outgoing traffic.

In this test scenario, a pair of Virtual Routers are connected with a Redirected Interface connection with one side of the connection performing NAT on outgoing traffic. Two additional Redirected Interface connections are configured to pass traffic and demonstrate NAT.
 
  1. Setup two Virtual Routers and three Netsmith Connections.
    1. Right-click inside the Netsmith window and select New Router screenshot
    2. Repeat to create another virtual router screenshot
    3. Right-click inside the Netsmith window and select New Connection screenshot
    4. Select the 'Skip' option on Port 1-B, WanLink and Port 2-B, then click OK screenshot
    5. Repeat and create two more connections screenshot
    6. Click the Apply button followed by the Sync button screenshot
      1. NOTE: Modifications in Netsmith are only sent to the LANforge-Server after Applying them
      2. Clicking Sync makes sure any changes are synchronized with the current database

    For more information see LANforge-GUI User Guide: Virtual Interfaces

  2. Setup the Ports.
    1. Right-click the rdd ports and select Modify Port screenshot
      1. Assign each pair of rdd ports a unique subnet and IP address
    2. Select the 'IPv4s' checkbox to view the IP addresses of the rdd ports screenshot
    3. Configure rddVR3 and rddVR5 with a Gateway IP that corresponds to their peer rdd interface screenshot
      1. NOTE: In this example, rddVR3 has a Gateway IP of 20.20.20.1 and rddVR5 has a Gateway IP of 30.30.30.1

    For more information see LANforge-GUI User Guide: Ports (Interfaces)

  3. Move the Redirected Interfaces into their desired positions.
    1. Drag rddVR0 into Router R0(2) and rddVR1 into Router R1(1) screenshot
    2. Drag rddVR2 into Router R0(2) and rddVR4 into Router R1(1) screenshot
    3. Click Netsmith Apply to commit the changes screenshot
  4. Create a TCP connection and sniff traffic without NAT.
    1. Go to the Layer-3 tab and click Create screenshot
    2. Create a Layer-3 TCP connection between endpoints rddVR3 and rddVR5 then click OK screenshot
    3. In Netsmith, right-click the TCP connection and click Start screenshot
    4. Right-click port rddVR1 and click Sniff Port screenshot
      1. NOTE: You must have Wireshark properly installed as described here: Installing Wireshark
    5. After Wireshark begins, notice that the source and destination IP addresses are from 20.20.20.20 (rddVR3) and 30.30.30.30 (rddVR5) as expected without NAT enabled screenshot
  5. Enable NAT and sniff traffic on the same port.
    NOTE It is important that Endpoint-A of the connection is behind the NAT port because it is the side that initiates the connection. Reversing the endpoint ports will cause the connection to fail.
    1. Right-click on the TCP connection and select Stop screenshot
    2. Right-click rddVR0 and select Modify screenshot
    3. Select the 'NAT' checkbox and click OK, then click the Netsmith Apply button screenshot
    4. Right-click on the TCP connection and select Start screenshot
    5. Right-click port rddVR1 and select Sniff Port screenshot
    6. After Wireshark begins, notice that any source or destination IP address from or to 20.20.20.20 (rddVR3) has been NAT'd to be 10.10.10.10 because rddVR0 is now performing NAT on all outgoing traffic screenshot

    For more information see LANforge-GUI User Guide

Candela  Technologies, 2417 Main Street, Suite 201, Ferndale, WA 98248, USA
www.candelatech.com | sales@candelatech.com | +1.360.380.1618
Facebook | LinkedIn | Blog