H3C S7500 Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

961

962

963

964

965

966

967

968

969

970

Operation Manual – NAT, Netstream, Policy Routing

H3C S7500 Series Ethernet Switches Chapter 1

NAT Configuration

1-7

You can use the nat outbound command to associate an ACL with an address pool or

interface address. Different NAT modes need different configurations.

I. Configuring one-to-one NAT

Follow these steps to configure one-to-one NAT:

To do… Use the command… Remarks

Enter system view

system-view

—

Enter VLAN interface view

interface Vlan-interface vlan-id

—

Configure one-to-one

NAT

nat outbound acl-number

address-group group-number no-pat

slot slot-number

Required

The no-pat keyword indicates that only the source IP addresses in packets are

translated while the TCP/UDP port numbers remains unchanged. That is, NAT is based

on the one-to-one mapping between internal and external IP addresses.

II. Configuring NAPT

Follow these steps to configure NAPT:

To do… Use the command… Remarks

Enter system view

system-view

—

Enter VLAN interface view

interface Vlan-interface vlan-id

—

Configure NAPT

nat outbound acl-number

address-group group-number slot

slot-number

Required

Let’s compare the above two tables:

z In the first table, the configuration command uses the no-pat keyword. Only the IP

addresses of data packets will be translated while the port numbers remains

unchanged, that is, one-to-one NAT is implemented.

z In the second table, the configuration command does not use the no-pat keyword,

and so NAPT is enabled. Both IP addresses and port numbers of data packets will

be translated, that is, many-to-one NAT is implemented.

Caution:

An address pool used for NAPT cannot contain more than three addresses.