Broadband Technical Notes

Routable IP Addresses
An IP address can be checked to see if it is routable. Certain IP addresses have been
reserved for private networks. If a host only has IP addresses in one of these ranges, it
cannot directly communicate with other hosts on the Internet:
Address Class
Class A
Class B
Class C

Address Range
10.0.0.0 10.255.255.255
172.21.0.0 172.21.255.255
192.168.0.0 192.168.255.255

A host inside a private network (which will have an IP address in one of these ranges)
may be able to communicate with other hosts on the Internet via a proxy server or a
router or gateway that uses network address translation (NAT). In-depth discussion on
both of these services is outside the scope of this document.
An exception to the guideline that the hosts IP address must be routable is this: some
broadband users may have one routable IP address that belongs to a router or gateway
server using NAT, or that belongs to a proxy server. The other hosts (including any
computer with Dentrix or Easy Dental installed) will have non-routable IP addresses, but
use the router, gateway, or proxy server to communicate with other hosts on the Internet.
National Information Services takes no responsibility whatsoever in the
configuration of these types of networks past the production of this document and
the information it contains. This information is provided to help the network
engineer configure the network, and it should not be inferred that National
Information Services will provide any further support.

eTrans 4.0 Networking Considerations

Our customers have the option of sending insurance claims over the Internet using active
FTP, passive FTP, HTTP, or HTTPS. This product is called eTrans 4.0. We strongly
recommend that our customers (and it is the default when eTrans 4.0 is installed) use
HTTPS for their Internet claims submissions, as pending legislation may require a secure
or encrypted path from dentists to clearinghouses. Also, HTTP is a simpler protocol than
FTP, and more widely supported by firewalls and proxy servers.
Therefore, a network engineer configuring a router, firewall, or proxy server should keep
the following in mind:

A firewall must allow outbound connections destined for port 21 (FTP control),

port 80 (HTTP), or port 443 (HTTPS). If it allows FTP control connections, it

should also be intelligent enough to allow either passive or active FTP data
connections.
A gateway or router running source NAT may need to allow active FTP data
connections. If this is not an option, try passive mode transfers. Since HTTP and
HTTPS run over a single connection, there should be no special source NAT
configuration for these protocols.
A proxy server should be able to proxy for FTP clients, HTTP clients, or HTTPS
clients. eTrans 3.0 will use Internet Explorers proxy configuration when
connecting to NIS servers over the Internet.
A proxy server must allow an FTP PUT or HTTP POST operation of any length.

FTP file transfers take place over a different connection (the data connection) than the
one initially established (the control connection). The direction this data connection is
opened (server to client or client to server) and the ports this connection will involve are
negotiated over the control connection. Because of this, proxy servers, NAT gateways,
and firewalls sometimes do not work well with FTP. We recommend avoiding FTP if at
all possible.

QuickBill Networking Considerations

Our customers also have the option of outsourcing bill printing services. This product is
called QuickBill. Batches of bills are sent to our servers over a telnet connection.
If a customer wants to use QuickBill, the network engineer configuring a router, firewall,
or proxy server should keep the following in mind:

A firewall must allow outbound connections destined for port 23.

A gateway or router running source NAT should have no difficulty with telnet.
QuickBill is not aware of proxy settings. If you have a proxy server that can
proxy for telnet clients, the clients usually must have a proxy client installed. The
best solution may be to run NAT on the proxy server.

Other Considerations
Many broadband users do not have a routable IP address allocated to them from their ISP.
If the customer only has non-routable IP addresses, the ISP will almost certainly exert
more control over the clients Internet connection. The configuration of any gateway,
router, or proxy server is out of the hands of the customer. In this case, if the customer
experiences problems connecting to the NIS servers, the responsibility to fix it lies with
the ISP. Most of them are unwilling or (more generally) unable to do so. We strongly
suggest having an account with a routable IP address.
A customers ISP may filter inbound or outbound traffic. In the experience of the
engineers at National Information Services, ISP-controlled filters are almost never

helpful, and many times harmful. For example, if an ISP chooses to limit bandwidth on
FTP uploads or limit the size of an HTTP POST, this will certainly be a detriment to
those users who wish to send claims electronically. In that light, customers are strongly
advised to choose ISPs that do not filter traffic at all.