section exclude-ip-address (NAT instance address pool view)

Function

The section exclude-ip-address command excludes a specific IP address or a range of IP addresses from an IP address pool.

The undo section exclude-ip-address command restores a specific IP address or a range of IP addresses in an IP address pool.

By default, an IP address or a range of IP addresses cannot be excluded from an IP address pool.

This command is supported only on the NetEngine 8000 F1A.

Format

section section-id exclude-ip-address start-address [ end-address ]

undo section section-id exclude-ip-address start-address [ end-address ]

Parameters

Parameter	Description	Value
start-address	Specifies the start address of an excluded address segment.	The value is in dotted decimal notation.
end-address	Specifies an end IP address. The end IP address must be greater than or equal to the start IP address.	The value is in dotted decimal notation.
section section-id	Specifies the ID of an address segment in an address pool.	The value can only be 0 to 15.

Parameter

Description

Value

start-address

Specifies the start address of an excluded address segment.

The value is in dotted decimal notation.

end-address

Specifies an end IP address. The end IP address must be greater than or equal to the start IP address.

The value is in dotted decimal notation.

section section-id

Specifies the ID of an address segment in an address pool.

The value can only be 0 to 15.

Views

NAT instance address pool view

Default Level

2: Configuration level

Task Name and Operations

Task Name	Operations
nat	write

Usage Guidelines

Usage Scenario

If a specific IP address or a range of IP addresses needs to be removed from a NAT address pool, the address pool has to be divided into multiple pools so that each one contains a continuous range of IP addresses. Then the same configurations or operations have to be repeatedly performed on these pools. To address this problem, run the section exclude-ip-address command to remove a specific IP address or a range of IP addresses from a NAT address pool. Then the configurations or operations can be performed once on the address pool that has excluded the specified IP addresses.

Prerequisites

A NAT instance, its address pool, and address pool sections have been configured.

Precautions

The section exclude-ip-address command only removes a public IP address or a public IP address segment.
A maximum of 10 IP addresses can be removed from a public IP address segment. The excluded IP addresses must be different.
When you restore an IP address or an IP address range in a NAT address pool using the undo section exclude-ip-address command, the specified public IP address or IP address range must be within the excluded public IP address range.
If an address pool is configured by specifying mask, the device advertises specific UNRs instead of network segment UNRs after this command is run. If you run this command to exclude some public IP addresses, routes to the public IP addresses may fail to be advertised, and services may be interrupted.
Do not exclude all IP addresses of an address segment.

Example

# Exclude an IP address range with the start IP address 10.0.0.0 and end IP address 10.0.0.5 from a NAT address pool named group1 in a NAT instance named cpe1.

<HUAWEI> system-view
[~HUAWEI] nat instance cpe1 id 1
[*HUAWEI-nat-instance-cpe1] nat address-group group1 group-id 1
[*HUAWEI-nat-instance-cpe1-nat-address-group-group1] section 1 10.0.0.0 mask 24
[*HUAWEI-nat-instance-cpe1-nat-address-group-group1] section 1 exclude-ip-address 10.0.0.0 10.0.0.5