Hi, If you are looking for option to specify exact outside translation address from a specific pool. You should try :
nat44 add static mapping ... exact <pool-addr> Also supported by API. This will give you exact address picked from pool. Best regards, Filip Varga From: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> On Behalf Of ???? ?????? Sent: Monday, February 8, 2021 11:04 AM To: vpp-dev@lists.fd.io Subject: Re: [vpp-dev] NAT44 how to control external address assignment from pool? Importance: High Just an update, to perform manual translation we should do: det44 plugin enable det44 add in 10.0.1.0/29 out 1.0.0.7/32 det44 add in 10.0.1.16/29 out 1.0.0.5/32 ... set interface det44 inside GigabitEthernet0/5/0 outside GigabitEthernet0/4/0 Ignoring specific nat configuration. Nevertheless, maybe there is some option to select different IP addres from pool? ________________________________ От: vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io> <vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io>> от имени Юрий Иванов <format_...@outlook.com<mailto:format_...@outlook.com>> Отправлено: 7 февраля 2021 г. 12:10 Кому: vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io> <vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io>> Тема: [vpp-dev] NAT44 how to control external address assignment from pool? Hi, I've got basic nat setup in a lab which works as expected except extarnat IP address allocation. My clients, behind NAT, has addresses: vpp# show ip neighbors Time IP Flags Ethernet Interface 1421.5929 10.0.1.30 D 00:50:79:66:68:00 GigabitEthernet0/5/0 1424.3609 10.0.1.55 D 00:50:79:66:68:02 GigabitEthernet0/5/0 1423.1650 10.0.1.41 D 00:50:79:66:68:01 GigabitEthernet0/5/0 1389.2929 10.0.1.20 D 00:50:79:66:68:04 GigabitEthernet0/5/0 1377.1449 10.0.1.2 D 00:50:79:66:68:03 GigabitEthernet0/5/0 All can reach external 1.0.0.2 IP which looks good, but for all client external address is 1.0.0.100 (the last IP in a range). I think it will be more better to randomly select different address in range like nftables do with this configuration stranza: "ip saddr 10.0.0.0/8 oif "vlan2" snat to 1.0.0.2-1.0.0.100 persistent" After changing vpp# nat addr-port-assignment-alg map-e psid 10 psid-offset 6 psid-len 6 the only difference that external address become 1.0.0.1 for all clients. I of cource can map host to external address with: vpp# nat44 add static mapping local 10.0.1.2 external 1.0.0.10 But with 30 thousands clients it will very strange idea to map every host route manually.
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#18706): https://lists.fd.io/g/vpp-dev/message/18706 Mute This Topic: https://lists.fd.io/mt/80449794/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
