R3303-HP HSR6800 Routers Layer 3 - IP Services Configuration Guide
99
• If you configure NAT when NAT is running, the same configuration might have different results
because of different configuration orders.
For an HSR6802/HSR6804/HSR6808 router, make sure all IP address pools referenced by the
interfaces do not overlap each other.
Configuring address translation
A NAT device can be configured with or dynamically generate mappings to translate between internal
and external network addresses. Address translation can be classified into static and dynamic NAT.
• Static NAT—Mappings between external and internal network addresses are manually configured.
Static NAT can meet fixed access requirements of a few users.
• Dynamic NAT—A dynamic NAT entry is generated dynamically. Dynamic NAT is implemented by
associating an ACL with an address pool (or the address of an interface in the case of Easy IP). This
association defines what packets can use the addresses in the address pool (or the interface's
address) to access the external network. An IP address is selected from the associated address pool
to translate an outgoing packet. After the session terminates, the selected IP address is released.
Dynamic NAT can meet external access requirements of a large number of users.
Both static NAT and dynamic NAT support NAT multiple-instance as long as the VPN instance of an IP
address is provided.
Configuring static NAT
You need to configure static NAT in system view, and make it effective in interface view.
Static NAT supports two modes: one-to-one and net-to-net.
Configuring one-to-one static NAT
One-to-one static NAT translates a private IP address into a public IP address.
To configure one-to-one static NAT:
Ste
p
Command
1. Enter system view.
system-view
2. Configure a one-to-one static NAT
mapping.
nat static local-ip [ vpn-instance local-name ] global-ip
[ vpn-instance global-name ]
3. Enter interface view.
interface interface-type interface-number
4. Enable static NAT on the interface.
nat outbound static [ track vrrp virtual-router-id ]
Configuring net-to-net static NAT
Net-to-net static NAT translates a private network into a public network.
To configure net-to-net static NAT:
Ste
p
Command
1. Enter system view.
system-view