Creating a NAT Address Pool

Procedure

1. Run system-view

   The system view is displayed.

2. Run nat instance instance-name [ id id ]

   The NAT instance view is displayed.

3. Use the non-easy IP or easy IP mode to configure a NAT address pool.

   • In non-Easy IP mode, create a NAT address pool with network segment addresses or enter a NAT address pool.

     • Run the nat address-group address-group-name [ group-id id ] [ start-address { mask { address-mask-length | address-mask } | end-address } ] [ vpn-instance vpn-instance-name ] [ no-pat ] command.

       When the nat address-group command is used to create a NAT address pool, the group-id parameter needs to be specified. The group-id parameter specifies the ID of a NAT address pool, which uniquely identifies a NAT address pool.

       The nat address-group command configures a range of public IP addresses in a single public IP address pool. The configuration modes are as follows:

       • Configure the mask parameter in the nat address-group command. The device generates routes with the specified mask as in the same quantity as the IP addresses configured in the nat address-group command.
       • Configure the start-end parameter in the nat address-group command. The master device generates public UNR routes with 32-bit masks in the same quantity as the number of public IP addresses in the range defined by the start and end addresses.

     • Run the nat address-group address-group-name command to enter the NAT address pool view and the run the section section-num start-ip-address { mask { mask-length | mask-ip } | end-ip-address } command.

       The section command configures multiple public IP address ranges in a single public IP address pool. The configuration modes are as follows:

       • Configure the mask parameter in the section command. The device generates routes with the specified mask in the same quantity as the IP address ranges.
       • Configure the start-end parameter in the section command. The master device generates public UNR routes with 32-bit masks in the same quantity as the number of public IP addresses in the range defined by the start and end addresses.

       The mask mode is recommended. With this mode enabled in NAT public IP address pools, the length of routes to be advertised is the same as the mask length specified in the nat address-group command. In start-end mode, the length of routes to be advertised is 32 bits.

   • In Easy IP mode, create the multiplexing relationship between a NAT address pool and an interface IP address.

     • Run the nat address-group address-group-name group-id id unnumbered interface interface-name command.

     • Run the nat address-group address-group-name command to enter the NAT address pool view and then the section section-num unnumbered interface { interface-name | interface-type interface-number } command.

   

   The NAT address pool cannot contain the IP address of a DHCP server. Otherwise, a message indicating a conflict is displayed.

4. (Optional) Exclude an IP address or IP address range from a NAT address pool.
   • If the nat address-group command has been run, run the nat address-group address-group-name exclude-ip-address start-address [ end-address ] command.
   • If the section command has been run, run the section section-id exclude-ip-address start-address [ end-address ] command.

5. Run quit

   Return to the NAT instance view.

6. (Optional) Run nat no-pat enhance

   The No-PAT conversion function is enabled for all IP protocol packets, including those of TCP/UDP/ICMP/PPTP ALG for GRE.

   After this command is run, the No-PAT conversion mode is supported only in this instance, and the PAT and No-PAT address pools cannot be both configured.

7. Run commit

   The configuration is committed.