configure ip nat rule source

configure ip nat rule rule_name source [[[src_ip_addr src_mask | src_ipNetmask ] {{source-vr} src_vr_name} new-source new_src_ip_addr] | none]

Description

Configures the IP address that is to be translated and the IP address to which this is to be translated for source Network Address Translation (NAT) rules.

Syntax Description

ip Specifies Internet Protocol (IP).
nat Specifies NAT.
rule Specifies NAT rule.
rule_name Specifies the NAT rule name.
source Specifies modifying the source IP address.
src_ip_addr Specifies the source IP address that needs to be translated.
src_mask Specifies source IP address mask.
src_ipNetmask Specifies source IP address/netmask.
source-vr Specifies a virtual router (VR) on which the packet to be translated arrives.
src_vr_name Specifies an existing VR/VRF name on which the packet to be translated arrives. If not specified, the VR context from where this command is executed is used.
new-source Specifies a source IP address after translation.
new_src_ip_addr Specifies the source IP address after translation.
none Deletes the IP address configuration.

Default

If no VR is specified, the current VR context is used.

Usage Guidelines

This command configures the source NAT rule address information. To configure the destination information, run the command configure ip nat rule rule_name destination [[dst_ip_addr new-destination new_dst_ip_addr {{vr} vr_name}] | none] .

The incoming and outgoing VLANs on the NAT router can be on different VRs. The VR on which the packet arrives is configured in this command. The packet after translation is sent out on the configured egress VLAN (configure ip nat add {vlan} vlan_name direction [ingress | egress | both]).

For a source-NAT rule (where either source or destination IP address is only translated), the source mask has to be specified as /32 or 255.255.255.255.

Example

The following example configures the rule named "ipOnlyRule" to translate the source the IP address from 10.20.30.40 to 121.144.169.196. The ingress VLAN is present in the VR "VR-user-in":

# configure ip nat rule ipOnlyRule source 10.20.30.40/32 source-vr VR-user-in new-source 121.144.169.196

History

This command was first available in ExtremeXOS 31.2.

Platform Availability

This command is available on the switches that support the IP NAT feature. For information about which switches support this and other features, see the ExtremeXOS 32.2 Feature License Requirements document.