Re: [vpp-dev] NAT44 how to control external address assignment from pool?

Mon, 08 Feb 2021 02:04:30 -0800 

Just an update, to perform manual translation we should do:

det44 plugin enable
det44 add in 10.0.1.0/29 out 1.0.0.7/32
det44 add in 10.0.1.16/29 out 1.0.0.5/32
...
set interface det44 inside GigabitEthernet0/5/0 outside GigabitEthernet0/4/0

Ignoring specific nat configuration.

Nevertheless, maybe there is some option to select different IP addres from 
pool?
________________________________
От: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> от имени Юрий Иванов 
<format_...@outlook.com>
Отправлено: 7 февраля 2021 г. 12:10
Кому: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io>
Тема: [vpp-dev] NAT44 how to control external address assignment from pool?

Hi,

I've got basic nat setup in a lab which works as expected except extarnat IP 
address allocation.

My clients, behind NAT, has addresses:
vpp# show ip neighbors
    Time                       IP                    Flags      Ethernet        
      Interface
   1421.5929                10.0.1.30                  D    00:50:79:66:68:00 
GigabitEthernet0/5/0
   1424.3609                10.0.1.55                  D    00:50:79:66:68:02 
GigabitEthernet0/5/0
   1423.1650                10.0.1.41                  D    00:50:79:66:68:01 
GigabitEthernet0/5/0
   1389.2929                10.0.1.20                  D    00:50:79:66:68:04 
GigabitEthernet0/5/0
   1377.1449                10.0.1.2                   D    00:50:79:66:68:03 
GigabitEthernet0/5/0

All can reach external 1.0.0.2 IP which looks good, but for all client external 
address is 1.0.0.100 (the last IP in a range).
I think it will be more better to randomly select different address in range 
like nftables do with this configuration stranza:
"ip saddr 10.0.0.0/8 oif "vlan2" snat to 1.0.0.2-1.0.0.100 persistent"

After changing
vpp# nat addr-port-assignment-alg map-e psid 10 psid-offset 6 psid-len 6
the only difference that external address become 1.0.0.1 for all clients.

I of cource can map host to external address with:
vpp# nat44 add static mapping  local 10.0.1.2 external 1.0.0.10
But with 30 thousands clients it will very strange idea to map every host route 
manually.

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#18694): https://lists.fd.io/g/vpp-dev/message/18694
Mute This Topic: https://lists.fd.io/mt/80449794/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to