Related Documentation
Configuring Dynamic Address-Only Source Translation in IPv4 Networks
In IPv4 networks, dynamic address translation (dynamic NAT) is a mechanism to dynamically translate the destination traffic without port mapping. To use dynamic NAT, you must specify a source pool name, which includes an address configuration.
To configure dynamic NAT in IPv4 networks:
- In configuration mode, go to the [edit services] hierarchy level.[edit]user@host# edit services
- Configure the service set and NAT rule.[edit services]user@host# set service-set service-set-name nat-rules rule-name
In the following example, the name of the service set is s1, and the name of the NAT rule is rule-dynamic-nat44.
[edit services]user@host# set service-set s1 nat-rules rule-dynamic-nat44 - Go to the [interface-service] hierarchy level
for the service set.[edit services]user@host# edit service-set s1 interface-service
- Configure the service interface. [edit services service-set s1 interface-service]user@host# set service-interface service-interface-name
In the following example, the name of the service interface is ms-0/1/0.
Note: If the service interface is not present in the router, or the specified interface is not functional, the following command can result in an error.
[edit services service-set s1 interface-service]user@host# set service-interface ms-0/1/0 - Go to the [edit services nat] hierarchy level.
Issue the following command from the top of the services hierarchy,
or use the top keyword.[edit services service-set s1 interface-service]user@host# top editservices nat
- Configure the NAT pool with an address.[edit services nat]user@host# set pool pool-name address address
In the following example, the name of the pool is source-dynamic-pool, and the address is 10.10.10.0.
[edit services nat]user@host# set pool source-dynamic-pool address 10.10.10.0 - Configure the rule, match direction, term, and source
address. [edit services nat]user@host# set rule rule-name match-direction match-direction term term-name from source-address address
In the following example, the name of the rule is rule-dynamic-nat44, the match direction is input, the name of the term is t1, and the source address is 3.1.1.0.
[edit services nat]user@host# set rule rule-dynamic-nat44 match-direction input term t1 from source-address 3.1.1.0 - Go to the [edit rule rule-dynamic-nat-44 term t1] hierarchy level.[edit services nat]user@host# edit rule rule-dynamic-nat44 term t1
- Configure the source pool and the translation type.[edit services nat rule rule-dynamic-nat44 term t1]user@host# set then translated source-pool src-pool-name translation-type translation-type
In the following example, the name of the source pool is source-dynamic-pool and the translation type is dynamic-nat44.
[edit services nat rule rule-dynamic-nat44 term t1]user@host# set then translated source-pool source-dynamic-pool translation-type dynamic-nat44 - Go to the [edit services adaptive-services-pics] hierarchy level. In the following command, the top keyword
ensures that the command is run from the top of the hierarchy.[edit services nat rule rule-dynamic-nat44 term t1]user@host# top editservices adaptive-services-pics
- Configure the trace options.[edit services adaptive-services-pics]user@host# set traceoptions flag tracing parameter
In the following example, the tracing parameter is configured as all.
[edit services adaptive-services-pics]user@host# set traceoptions flag all - Verify the configuration by using the show command
at the [edit services] hierarchy level.
[edit services] user@host# show service-set s1 { nat-rules rule-dynamic-nat44; interface-service { service-interface ms-0/1/0; } } nat { pool source-dynamic-pool { address 10.1.1.0/24; } rule rule-dynamic-nat44 { match-direction input; term t1 { from { source-address { 3.1.1.0/24; } } then { translated { destination-pool source-dynamic-pool; translation-type { dynamic-nat44; } } } } } } adaptive-services-pics { traceoptions { flag all; } }
