Disabling Port Randomization for Source NAT (CLI Procedure)

For pool-based source NAT and interface NAT, port numbers are allocated randomly by default. Randomized port allocation helps protect against security threats such as DNS cache poisoning attacks, but it can also affect performance and memory usage for pool-based source NAT.

You can disable port randomization by using the port-randomization disable statement at the [edit security nat source] hierarchy level. To re-enable port randomization, use the port-randomization statement at the [edit security nat source] hierarchy level.

user@host# set security nat source port-randomization disable
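
Because disabling randomization removes the protection described above, it is worth checking saved configurations for this statement. The following Python check is an added example, not part of the original procedure or vendor tooling: it accepts both `display set` output and the curly-brace hierarchy format and ignores deactivated statements. The function names, pool name and sample configurations are constructed for illustration, and it assumes each input uses a single format.

```python
# Statement and hierarchy from the page: [edit security nat source] port-randomization disable
TARGET = ("security", "nat", "source", "port-randomization", "disable")

def active_statements(config_text):
    """Return active statements as token tuples from 'display set' output
    or from the curly-brace hierarchy format."""
    found, deactivated, stack = set(), [], []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "/*")):
            continue                                   # blank lines and comments
        inactive = line.startswith("inactive: ")       # brace-format marker for deactivated nodes
        if inactive:
            line = line[len("inactive: "):]
        tokens = line.rstrip(";{").split()
        if line == "}":
            if stack:
                stack.pop()
        elif line.endswith("{"):
            stack.append((tokens, inactive))           # descend one hierarchy level
        elif tokens[:1] == ["set"] and not stack:
            found.add(tuple(tokens[1:]))
        elif tokens[:1] == ["deactivate"] and not stack:
            deactivated.append(tuple(tokens[1:]))
        elif line.endswith(";") and not inactive and not any(off for _, off in stack):
            path = [t for names, _ in stack for t in names]
            found.add(tuple(path + tokens))
    # A 'deactivate' on the statement or any parent switches the statement off.
    return {s for s in found if not any(s[:len(d)] == d for d in deactivated)}

def port_randomization_disabled(config_text):
    """True when source NAT port randomization is switched off in this configuration."""
    return TARGET in active_statements(config_text)

# Constructed sample configurations (not taken from a real device).
SET_STYLE = """\
set security nat source pool p1 address 203.0.113.10/32
set security nat source port-randomization disable
"""
BRACE_STYLE = """\
security {
    nat {
        source {
            port-randomization disable;
        }
    }
}
"""
DEACTIVATED = BRACE_STYLE.replace("port-randomization", "inactive: port-randomization")
```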
