GNAT network address translator (617)
GNAT is a high performance network address translator (NAT) designed specifically for use in embedded devices. Its core engine maps internal to external addresses using port translation (NAPT) based on pre-defined mapping rules. GNAT is a member of the TeamF1 Internet Software Extensions for Classification and Traffic Shaping (INSECTS) suite.
- Many-to-one address translation and many-to-many round-robin translations
- Conserves IP addresses
- Supports bi-directional translation
- Includes reference Application Level Gateways (ALG) implementation for FTP (including inbound, passive connections)
- Supports ICMP ID mapping and "from/to-specific" rules
- Integrates with firewalls for dynamic firewalling
- Extremely small footprint
- Low network latency
- Easily controlled by web server through string based CLI
- Supports rule numbering and per rule aging of NAT entries
- Supports MSS value clamping
- Validated on big and little endian architectures including PowerPC, MIPS, ARM/XScale, and X86
- Royalty-free full-source distribution for VxWorks and Linux
GNAT Offers the Flexible Configuration Needed To Meet Your Embedded Requirements:
- Support for port number ranges
- Configurable timeout and NAT table size
- Extensible architecture to support ALGs
- Support for selectively disabling the incoming or outgoing direction on each interface
- Available in full-source format
- Customization hooks and callouts
- SSHield SSH: Secure Shell & SFTP/SCP
- SSLimSecure SSL: Secure Sockets & TLS
- ClassHopper: Alternate Queuing Disciplines
GNAT typically operates on a gateway between an internal and external network. It does this by creating "local" internal networks, which are connected to the external network (e.g. the Internet) using a single routable (public) IP address in its minimum configuration. GNAT maintains an address translation table containing active mappings of internal/external IP addresses and port numbers. Mappings are created dynamically based on rule matching when a packet makes its way through GNAT.
Use GNAT to redirect inbound packets to a specified internal IP address (or multiple addresses for round-robin based load balancing). This allows external devices to initiate connections to internal NAT-ed nodes which may be necessary if the internal nodes are running servers (such as ftp, http, etc.) requiring access from the outside. Further, GNAT supports redirection in the outgoing direction to allow services such as DNS port forwarding from the internal network.
Use GNAT to hide private IP addresses on its internal side. The nodes on the internal network may freely establish connections with external nodes. GNAT offers application level gateways (ALGs), such as an FTP ALG which can be used as a reference for any other protocols that require a specialized ALG. GNAT includes support for inbound connections to an FTP server on the internal network, including passive connections. GNAT also includes other proxies for PNA based streams, netbios-DGM packets and "rcmd" transparent proxy.
GNAT supports the setup of a "local" network on its internal side, with its own private IP address scheme, allows for maximum address portability since this network can be connected to any external network without any IP address change for the internal nodes. This is particularly useful in embedded environments where the "local" network may be part of a single embedded system.
GNAT supports a customizable management interface that can be programmatically controlled or presented through a string-based command layer, such as a web-server or structured data files such as XML or via a CLI.
GNAT has been optimized for embedded and real-time operating systems by taking advantage of unique features presented by each of the operating systems supported. GNAT is available with optimized editions for both the latest, and older but still popular, versions of VxWorks and embedded Linux. It has been extensively validated on a variety of CPU architectures to minimize development and integration efforts. GNAT for VxWorks 5.x, 6.x, AE, and platforms such as Network Equipment (PNE), Consumer Devices (PCD) and Industrial Devices (PID) bundles, include optimized support for multi-tasking and memory partitions. GNAT for embedded Linux has been optimized for multi-processing and memory management on the 2.4 and 2.6 kernel variants. GNAT transparently works with a wide selection of stacks including: those bundled with VxWorks, Linux, or NetF1 the high performance stack by TeamF1. Like the other members of the INSECTS suite, it is built as a network service that binds itself with the MUX layer, thereby guaranteeing compatibility with any embedded application with minimal to no changes, and without any special network stack source code requirement.
If you are interested in more information on how Wind River partners with this company, click here.