网络地址转换nat,napp-it

Nat44从18.07发行的Nat44代码分为常规Nat44和其他特性Nat44端点依赖模式。 NAT44端点依赖模式支持特定特性所需的所有会话的端点依赖过滤和映射。 现有功能如服务负载平衡、两次nat、out 2合一静态映射、未知协议的动态转换和具有动态转换的传输功能)现在仅在端点相关模式下可用。 在端点依赖模式下,有6个元组源IP地址、源端口、目标IP地址、目标端口、协议和FIB表索引),而不是4个元组要为NAT插件启用端点依赖模式,请在statrup配置中添加以下内容

要为#NAT插件启用端点依赖模式,请将nat { endpoint-dependent } API添加到statrup配置中以显示NAT插件的启动配置

dfinenat _ show _ config { u32 client _ index; u32上下文; ; dfinenat _ show _ config _ reply { u32 context; i32回复; u8 static_mapping_only; u8 static _ mapping _ connection _ tracking; u8终端; u32 translation_buckets; u32 translation_memory_size; u32 user_buckets; u32 user_memory_size; u32 max_translations_per_user; u32 outside_vrf_id; u32 inside_vrf_id; ; NAT插件工作器设置

dfinenat _ set _ workers { u32 client _ index; u32上下文; u64工作器_ mask; ; dump NAT插件workers:

efinenat _ worker _ dump { u32 client _ index; u32上下文; ; efinenat _ worker _ details { u32 context; u32工作器_ index; u32 lcore_id; u8 name[64]; ; 启用/禁用NAT IPFIX日志

dfinenat _ IP fix _ enable _ disable { u32 client _ index; u32上下文; u32 domain_id; u16 src_port; u8启用; ; 添加/删除NAT44地址范围仅限twice_nat端点依赖模式)

dfinenat 44 _ add _ del _ address _ range { u32 client _ index; u32上下文; u8 first_ip_address[4]; u8 last_ip_address[4]; u32 vrf_id; u8 twice_nat; u8 is_add; ; NAT44地址转储

define NAT 44 _ address _ dump { u32 client _ index; u32上下文; ; define NAT 44 _ address _ details { u32 context; u8 ip_address[4]; u8 twice_nat; u32 vrf_id; ; 在界面中打开/关闭NAT44属性

define NAT 44 _ interface _ add _ del _ feature { u32 client _ index; u32上下文; u8 is_add; u8 is_inside; u32 sw_if_index; ; 具有NAT44特性的转储接口

define NAT 44 _ interface _ dump { u32 client _ index; u32上下文; ; dfinenat 44 _ interface _ details { u32 context; u8 is_inside; u32 sw_if_index; ; add/delete 1:1 NAT twice _ NAT/out2in _ onlyendpointdependentmodeonly ) :

efinenat 44 _ add _ del _ static _ mapping { u32 client _ index; u32上下文; u8 is_add; u8 addr_only; u8 local_ip_address[4]; u8 external_ip_address[4]; u8协议; u16 local_port; u16 external_port; u32 external_sw_if_index; u32 vrf_id; u8 twice_nat; u8 out2in_only; u8 tag[64]; ; dump 1:1 NAT:

efinenat 44 _ static _ mapping _ dump { u32 client _ index; u32上下文; ; efinenat 44 _ static _ mapping _ details { u32 context; u8 addr_only;

u8 local_ip_address[4]; u8 external_ip_address[4]; u8 protocol; u16 local_port; u16 external_port; u32 external_sw_if_index; u32 vrf_id; u8 twice_nat; u8 out2in_only; u8 tag[64];};

添加/删除指定接口的NAT44池地址只支持twice_nat端点依赖模式)

define nat44_add_del_interface_addr { u32 client_index; u32 context; u8 is_add; u8 twice_nat; u32 sw_if_index;};

dump NAT44池地址接口

define nat44_interface_addr_dump { u32 client_index; u32 context;};define nat44_interface_addr_details { u32 context; u32 sw_if_index; u8 twice_nat;};

转储NAT44用户

nat44_user_dump { u32 client_index; u32 context;};define nat44_user_details { u32 context; u32 vrf_id; u8 ip_address[4]; u32 nsessions; u32 nstaticsessions;};

dump NAT44用户会话

define nat44_user_session_dump { u32 client_index; u32 context; u8 ip_address[4]; u32 vrf_id;};define nat44_user_session_details { u32 context; u8 outside_ip_address[4]; u16 outside_port; u8 inside_ip_address[4]; u16 inside_port; u16 protocol; u8 is_static; u64 last_heard; u64 total_bytes; u32 total_pkts; u8 is_twicenat; u8 ext_host_valid; u8 ext_host_address[4]; u16 ext_host_port; u8 ext_host_nat_address[4]; u16 ext_host_nat_port;};

启用/禁用NAT44作为接口输出特性postrouting in2out翻译)

define nat44_interface_add_del_output_feature { u32 client_index; u32 context; u8 is_add; u8 is_inside; u32 sw_if_index;};

有NAT44输出特性的dump接口

define nat44_interface_output_feature_dump { u32 client_index; u32 context;};define nat44_interface_output_feature_details { u32 context; u8 is_inside; u32 sw_if_index;};

添加/删除负载均衡的NAT44静态映射仅支持端点依赖模式)

typeonly define nat44_lb_addr_port { u8 addr[4]; u16 port; u8 probability;};define nat44_add_del_lb_static_mapping { u32 client_index; u32 context; u8 is_add; u8 external_addr[4]; u16 external_port; u8 protocol; u32 vrf_id; u8 twice_nat; u8 out2in_only; u8 tag[64]; u8 local_num; vl_api_nat44_lb_addr_port_t locals[local_num];};

转储负载均衡的NAT44静态映射

define nat44_lb_static_mapping_dump { u32 client_index; u32 context;}; define nat44_lb_static_mapping_details { u32 context; u8 external_addr[4]; u16 external_port; u8 protocol; u32 vrf_id; u8 twice_nat; u8 out2in_only; u8 tag[64]; u8 local_num; vl_api_nat44_lb_addr_port_t locals[local_num];};

删除NAT44会话

define nat44_del_session { u32 client_index; u32 context; u8 is_in; u8 address[4]; u8 protocol; u16 port; u32 vrf_id; u8 ext_host_valid; u8 ext_host_address[4]; u16 ext_host_port;};

添加/删除NAT44用户映射

define nat44_add_del_identity_mapping { u32 client_index; u32 context; u8 is_add; u8 addr_only; u8 ip_address[4]; u8 protocol; u16 port; u32 sw_if_index; u32 vrf_id; u8 tag[64];};

转储NAT44用户映射

define nat44_identity_mapping_dump { u32 client_index; u32 context;};define nat44_identity_mapping_details { u32 context; u8 addr_only; u8 ip_address[4]; u8 protocol; u16 port; u32 sw_if_index; u32 vrf_id; u8 tag[64];}; CLI set interface nat44 in <intfc> out <intfc> [output-feature] [del]show nat44 interfacesnat44 add address <ip4-range-start> [- <ip4-range-end>] [tenant-vrf <vrf-id>] [twice-nat] [del]show nat44 addressesnat44 add static mapping tcp|udp|icmp local <ip4-addr> [<port>] external <ip4-addr>|<intfc>) [<port>] [vrf <table-id>] [twice-nat] [out2in-only] [del]nat44 add load-balancing static mapping protocol tcp|udp external <addr>:<port> local <addr>:<port> probability <n> [vrf <table-id>] [twice-nat] [out2in-only] [del]nat44 add identity mapping <interface>|<ip4-addr> [<protocol> <port>] [vrf <table-id>] [del]show nat44 static mappingsset nat workers <workers-list>show nat workersnat ipfix logging [domain <domain-id>] [src-port <port>] [disable]nat44 add interface address <interface> [twice-nat] [del]show nat44 interface addressnat44 del session in|out <addr>:<port> tcp|udp|icmp [vrf <id>] [external-host <addr>:<port>]show nat44 sessions [detail]nat addr-port-assignment-alg default | map-e psid <n> psid-offset <n> psid-len <n> | port-range <start-port> – <end-port>nat44 forwarding enable|disable

Published by

风君子

独自遨游何稽首 揭天掀地慰生平

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注