Справочник Пользователя для Netopia CLI 874
Motorola Netopia® Router Connection Profile Commands 3-21
Beginning with Firmware Version 8.3.3, IP Passthrough allows a first come first ser ve mode, which defaults to
an all-zeroes MAC address.
an all-zeroes MAC address.
If you leave the default all-zeroes MAC address, the Router will select the next DHCP client that initiates a DHCP
lease request or renewal to be the IP passthrough host. When the WAN comes up, or if it is already up, the
Router will ser ve this client the IP passthrough/WAN address. When this client's lease ends, the IP
passthrough address becomes available for the next client to initiate a DHCP transaction. The next client will
get the IP passthrough address. Note that there is no way to control which PC has the IP passthrough address
without releasing all other DHCP leases on the LAN.
lease request or renewal to be the IP passthrough host. When the WAN comes up, or if it is already up, the
Router will ser ve this client the IP passthrough/WAN address. When this client's lease ends, the IP
passthrough address becomes available for the next client to initiate a DHCP transaction. The next client will
get the IP passthrough address. Note that there is no way to control which PC has the IP passthrough address
without releasing all other DHCP leases on the LAN.
Note:
If you specify a non-zeroes MAC address, the DHCP Client Identifier must be in the format specified
above. Macintosh computers allow the DHCP Client Identifier to be entered as a name or text, however
Motorola Netopia
Motorola Netopia
®
routers accept only strict (binar y/hex) MAC address format. Macintosh computers display
their strict MAC addresses in the TCP/IP Control Panel (Classic MacOS) or the Network Preference Pane of
System Preferences (Mac OS X).
System Preferences (Mac OS X).
Once configured, the passthrough host's DHCP leases will be shor tened to two minutes. This allows for timely
updates of the host's IP address, which will be a private IP address before the WAN connection is established.
After the WAN connection is established and has an address, the passthrough host can renew its DHCP
address binding to acquire the WAN IP address.
updates of the host's IP address, which will be a private IP address before the WAN connection is established.
After the WAN connection is established and has an address, the passthrough host can renew its DHCP
address binding to acquire the WAN IP address.
A restriction
Since both the router and the passthrough host will use same IP address, new sessions that conflict with
existing sessions will be rejected by the router. For example, suppose you are a teleworker using an IPSec
tunnel from the router and from the passthrough host. Both tunnels go to the same remote endpoint, such as
the VPN access concentrator at your employer’s office. In this case, the first one to star t the IPSec traffic will
be allowed; the second one – since, from the WAN it's indistinguishable – will fail.
existing sessions will be rejected by the router. For example, suppose you are a teleworker using an IPSec
tunnel from the router and from the passthrough host. Both tunnels go to the same remote endpoint, such as
the VPN access concentrator at your employer’s office. In this case, the first one to star t the IPSec traffic will
be allowed; the second one – since, from the WAN it's indistinguishable – will fail.
Stateful Inspection Commands
See also:
■
■
for Ethernet inter face commands.
Note:
The commands in this section are suppor ted beginning with Firmware Version 8.2.
cp { name | index } ip state-insp enable { yes | no | on | off }
no cp { name | index } ip state-insp enable
show cp { name | index } ip state-insp enable
no cp { name | index } ip state-insp enable
show cp { name | index } ip state-insp enable
These commands allow you to set, disable, or show the status of stateful inspection for the specified
Connection Profile. This option is disabled by default. Stateful inspection prevents unsolicited inbound access
when NAT is disabled.
Connection Profile. This option is disabled by default. Stateful inspection prevents unsolicited inbound access
when NAT is disabled.