The Source NAT Pool

LSNAT supports Network Address Translation (NAT) of the client IP address as described in Section 3.3 of RFC 2391. See Network Address Translation (NAT) Configuration for NAT configuration details.

With a standard LSNAT connection, the client's IP address is passed through the router un-natted. As a consequence, the real server must have a route for the client IP address that returns traffic back through the LSNAT router. Since the client IP addresses are usually unknown to the real server, most real servers end up setting their default router to the LSNAT router. If the LSNAT router is not configured as the default router, the LSNAT router and real server must be located in the network topology such that return traffic is guaranteed to flow through the LSNAT router.

If the client IP address is natted instead, the real servers can be located anywhere in a network, since the packets from the router to the real server will be source natted with an IP address owned by the router itself. Client IP addresses must be natted for non-LSNAT44 configurations.
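
The return-path difference described in the two paragraphs above can be modelled with a longest-prefix-match lookup. This is an added example, not code from the product documentation; the topology, addresses and next-hop names are constructed for illustration, and the real server is assumed not to use the LSNAT router as its default router.

```python
import ipaddress

# Constructed routing view for a real server whose default router is NOT
# the LSNAT router (all prefixes and hop names are assumptions).
CORE_ROUTES = [
    ("0.0.0.0/0", "internet-edge"),    # default route bypasses the LSNAT router
    ("10.1.0.0/24", "lsnat-router"),   # subnet holding router-owned addresses
]

def next_hop(routes, dst):
    """Longest-prefix match over (prefix, next_hop) pairs; None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None

def reply_destination(client_ip, snat_ip=None):
    """The real server replies to whatever source address it saw."""
    return snat_ip if snat_ip else client_ip

def reply_returns_via_lsnat(client_ip, snat_ip=None, routes=CORE_ROUTES):
    """True when the real server's reply is routed back through the LSNAT router."""
    return next_hop(routes, reply_destination(client_ip, snat_ip)) == "lsnat-router"

if __name__ == "__main__":
    client = "203.0.113.50"  # constructed client address
    # Un-natted: reply is addressed to the client and follows the default route.
    print("un-natted via LSNAT router:", reply_returns_via_lsnat(client))
    # Source natted: reply is addressed to a router-owned address.
    print("source natted via LSNAT router:",
          reply_returns_via_lsnat(client, snat_ip="10.1.0.200"))
    # Un-natted works only if the default route points at the LSNAT router.
    print("un-natted, LSNAT as default router:",
          reply_returns_via_lsnat(client, routes=[("0.0.0.0/0", "lsnat-router")]))
```
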

When assigning IPv6 addresses to the source NAT pool, the prefix length must be 111 or less.

When assigning IPv4 addresses to the source NAT pool, the prefix length must be 15 or less.

Note

In an LSNAT44 configuration, specifying a source NAT pool is optional. If the source NAT pool is not specified for any IPv6 LSNAT configuration type, the virtual server will not become active. See LSNAT IP Address Combination Support for a discussion of LSNAT configuration types.

Use the source nat pool command to specify an IP address and prefix length or a NAT pool to use for source NATing. The NAT pool is used in an overload mode. Specifying an IP address and prefix length is supported for all LSNAT IP address combinations.