Use this command to source NAT the client IP address on all connections, using an address from the specified NAT source pool.
poolname | Specifies a configured pool of NAT addresses to use as the source IP. (Supported for the IPv4-to-IPv4 LSNAT context only.) |
ip-address/prefix-len | Specifies an IPv4 or IPv6 address and prefix length for the NAT source address pool. In an IPv4 context, the prefix length must be 15 or less. In an IPv6 context, the prefix length must be 111 or less. |
None.
Configuration command, SLB Virtual Server Configuration mode.
Standard LSNAT passes the client's IP address through the router unnatted. This constrains the physical location of the real server in the network. Since the client IP addresses are usually unknown, most real servers must set their default router to the LSNAT router. If the LSNAT router is not configured as the default router, then the LSNAT router and real server must be located inline in the network topology. This guarantees that return traffic flows through the LSNAT router.
If the client IP address is natted, the real server can be located anywhere in a network, because the packets from the router to the real server will be source natted with an IP address owned by the LSNAT router itself. Client source natting is accomplished with this virtual server command, which provides a NAT pool to use for source natting. The specified NAT pool is used in an overloaded fashion: a single address serves multiple clients, and each client is differentiated by a separate port.
In an LSNAT IPv6-to-IPv6 or LSNAT IPv4-to-IPv6 virtual server context, an IPv6 source NAT pool definition is required, with a prefix length of 111 or less for checksum-neutral calculation of IPv6 addresses. See Load Sharing Network Address Translation (LSNAT) Configuration in the S-, K-, and 7100 Series Configuration Guide for a detailed discussion of combined IPv4 and IPv6 LSNAT contexts. When configuring the virtual server in an LSNAT IPv6-to-IPv4 or IPv4-to-IPv4 context, an IPv4 source NAT pool definition with an IP address and prefix length can be used. The mask or prefix length must be 15 or less. In an LSNAT IPv4-to-IPv4 context you can also specify a NAT pool.
The “no” form of this command returns to the default of no source NAT for this virtual server.
This example allows a client at 100.12.22.10 255.255.255.0 to use the virtual server named virtual-lsnat by assigning the client address range 100.12.22.0/15 to the virtual server NAT source pool:
System(rw-config)->ip slb vserver virtual-lsnat
System(rw-config-slb-vserver)->source nat pool 100.12.22.0/15
System(rw-config-slb-vserver)->client 100.12.22.10 255.255.255.0
This example allows a client at 2001:11ac:fd34::5 to use the virtual server named virtual-lsnat66 by assigning the client IPv6 address range 2001:11ac:fd35::/111 to the virtual server NAT source pool:
System(rw-config)->ipv6 slb vserver virtual-lsnat66
System(rw-config-slb-vserver)->client 2001:11ac:fd34::5
System(rw-config-slb-vserver)->source nat pool 2001:11ac:fd35::/111
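The overloaded use of the source NAT pool described above can be modelled in a few lines of Python. This is an added example, not code from the device or its documentation: it shows how several clients share one pool address on separate ports, and how the binding table is what maps return traffic, or a source address seen in a real server's log, back to the client. The class and method names, the port range, the order in which pool addresses are used, and the pool 198.18.0.0/15 are assumptions made for illustration; only the prefix-length limits come from this page.

```python
import ipaddress

# Prefix-length limits for "source nat pool" as stated on this page.
MAX_PREFIX = {4: 15, 6: 111}

class OverloadedSourceNat:
    """Simplified model: many clients share one pool address, told apart by port."""

    def __init__(self, pool, first_port=1024, last_port=65535):
        net = ipaddress.ip_network(pool, strict=False)
        if net.prefixlen > MAX_PREFIX[net.version]:
            raise ValueError(f"prefix length must be {MAX_PREFIX[net.version]} or less")
        self._addrs = iter(net.hosts())        # pool addresses, consumed lazily
        self._first, self._last = first_port, last_port
        self._addr, self._port = next(self._addrs), first_port
        self.out = {}    # (client_ip, client_port) -> (nat_ip, nat_port)
        self.back = {}   # (nat_ip, nat_port) -> (client_ip, client_port)

    def translate(self, client_ip, client_port):
        """Return the source (ip, port) the real server sees for this client flow."""
        key = (client_ip, client_port)
        if key in self.out:                    # existing flow keeps its binding
            return self.out[key]
        if self._port > self._last:            # ports on this address are used up
            self._addr = next(self._addrs, None)
            if self._addr is None:
                raise RuntimeError("NAT source pool exhausted")
            self._port = self._first
        binding = (str(self._addr), self._port)
        self._port += 1
        self.out[key], self.back[binding] = binding, key
        return binding

    def reverse(self, nat_ip, nat_port):
        """Map return traffic (or a server log entry) back to the client flow."""
        return self.back.get((nat_ip, nat_port))

if __name__ == "__main__":
    # Constructed sample: two ports per address to force rollover to the next address.
    nat = OverloadedSourceNat("198.18.0.0/15", first_port=40000, last_port=40001)
    for client in ("100.12.22.10", "100.12.22.11", "100.12.22.12"):
        print(client, "->", nat.translate(client, 51000))
    print("server saw 198.18.0.1:40001 ->", nat.reverse("198.18.0.1", 40001))
```

Because the real server sees only pool addresses, attributing a server-side log entry to a client requires the binding recorded at the time of the connection, which is what reverse() looks up here.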