HP MSR2000/3000/4000 Router Series Layer 3 - IP Services Command Reference
152
[Sysname] nat log flow-end
Related commands
• display nat all
• display nat log
• nat log enable
nat mapping-behavior
Use nat mapping-behavior to configure the mapping behavior mode for PAT.
Use undo nat mapping-behavior to restore the default.
Syntax
nat mapping-behavior endpoint-independent [ acl acl-number ]
undo nat mapping-behavior endpoint-independent
Default
Address and Port-Dependent Mapping applies.
Views
System view
Predefined user roles
network-admin
Parameters
acl acl-number: Specifies an ACL number in the range of 2000 to 3999. Applies the NAT mapping
behavior to packets that are permitted by the ACL. If no ACL is specified, the Endpoint-Independent
Mapping applies to all packets.
Usage guidelines
PAT supports the following NAT mapping behaviors:
• Endpoint-Independent Mapping—EIM uses the same IP and port mapping for packets from the
same source and port to any destination IP and port. An EIM entry is generated to record the IP and
port mapping. This behavior allows packets from any external host to access the internal user by
using the NAT address and port. This behavior facilitates communication among hosts that connect
to different NAT gateways.
• Address and Port-Dependent Mapping—Uses different IP and port mappings for packets with the
same source IP and port to different destination IP addresses and ports. This behavior does not
allow packets from an external host to be sent to any NAT address and port unless the internal host
has previously sent a packet of the same protocol to that external host. This behavior is secure but
inconvenient for communication among hosts connecting to different NAT gateways.
This command takes effect only on outbound PAT. Address and Port-Dependent Mapping always applies
to inbound PAT.
Examples
# Apply the Endpoint-Independent Mapping mode to all packets for address translation.
<Sysname> system-view
[Sysname] nat mapping-behavior endpoint-independent