New features – CGNAT VNF use case

New CLI commands associated with the new features can be found in the configuration section.

NAT subscriber block of ports

This feature enables the ability to support a set number of ports per subscriber, which is required for Carrier Grade NAT (NAT444), and also ensures that a subscriber cannot consume all the ports for other subscribers.

Port block allocation logging

This feature introduces support for CGNAT data mapping & collection and to be able to log that for any given time range.

Tracking the mapping between subscribers private address and the public address being used on the public Internet helps to provide subscriber traceability. To help manage the volume of the logging, the data can be reduced by assigning port ranges instead of individual ports. This means that only the assignment of a new external IP or a new port range to a subscriber/client IP address is logged.

Note: Configuring CGNAT and SNAT, including ALGs, on the same outbound interface will not be supported in this release.

NAT – session setup/teardown logging

This feature provides the ability to log an entry when a new NAT session starts or stops (time-out or reset).

As well as the ability to log an entry when a new NAT session starts or stops, a rich set of configurable options for session logging will also be provided, for example 5 tuple logging for all subscribers or a subset of subscribers.

Clearing CGNAT sessions selectively

This feature provides the ability to selectively clear sessions, for example, clear all sessions for client IP (subnet /32-/24), or this NAT'ed pool (subnet /32-/24), all port 53 sessions.

NAT session statistics

A rich set of statistics are made available via NETCONF and will include state and statistics globally, per-policy, per-address pool, per-subscriber address, and per session

Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.