Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

New features – CGNAT VNF use case

New CLI commands associated with the new features can be found in the configuration section.

Support for PCP in CG-NAT

Port Control Protocol (PCP) support in a Carrier Grade NAT system is a way for individual subscribers to open a public port so as to allow inbound connections to be made.

CGNAT and SNAT, DNAT and/or Stateful Firewall and/or ALGs on same interface

Support independent SNAT, DNAT and ALG flows along with CGNAT on the same interface; packets will be translated once.

CGNAT mechanism to remove selected subscribers from an active system

There is a requirement to remove selected subscribers from an active CGNAT policy so that they may be moved to an alternative policy or device.

Allow the ability to configure thresholds on resource usages to generate resource constraint alerts on threshold crossings

This feature provides the ability to configure thresholds on CGNAT resource usage; resource constraint alerts are generated when a threshold is crossed.

For each of the CGNAT resource constraints listed below, it will be possible to configure a threshold. An alert will be logged when the resource exceeds the threshold. Each threshold will be expressed as a percentage.
  • Maximum sessions
  • No available public addresses in a NAT pool
  • Mapping Table full
  • Subscriber Table full
For each threshold it will also be possible to configure an optional rate at which the notification is generated if the resource remains constrained. The warning will not repeat if the rate is omitted; the resource must fall below the threshold before the warning can be logged again.
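
The alerting behaviour described above, modelled as an added Python example (this is not Vyatta code or CLI syntax). The class name, the resource label, the sample values and the use of seconds for the repeat rate are assumptions; the page does not state the rate's unit.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class ThresholdAlert:
    """Model of one resource threshold; all names here are hypothetical."""
    resource: str
    threshold_pct: float
    repeat_secs: Optional[float] = None  # assumed unit; None means the rate is omitted
    _last: Optional[float] = field(default=None, init=False, repr=False)

    def sample(self, now: float, used: int, capacity: int) -> Optional[str]:
        pct = 100.0 * used / capacity
        if pct < self.threshold_pct:
            self._last = None          # fell below the threshold: re-arm the alert
            return None
        if pct == self.threshold_pct:
            return None                # neither exceeding nor below: state unchanged
        first = self._last is None
        repeat_due = (not first and self.repeat_secs is not None
                      and now - self._last >= self.repeat_secs)
        if first or repeat_due:
            self._last = now
            return (f"t={now:g} {self.resource} at {pct:.0f}% "
                    f"(threshold {self.threshold_pct:g}%)")
        return None                    # still constrained, no repeat due


def replay(alert: ThresholdAlert, samples: List[Tuple[float, int, int]]) -> List[str]:
    """Feed (time, used, capacity) samples through the model; return alerts logged."""
    return [msg for t, used, cap in samples if (msg := alert.sample(t, used, cap))]


# Constructed samples: (seconds, sessions in use, maximum sessions)
SAMPLES = [(0, 700, 1000), (10, 850, 1000), (20, 900, 1000), (40, 950, 1000),
           (50, 800, 1000), (60, 750, 1000), (70, 810, 1000)]

if __name__ == "__main__":
    for label, rate in (("rate omitted", None), ("repeat every 30 s", 30)):
        print(label)
        for line in replay(ThresholdAlert("max-sessions", 80, rate), SAMPLES):
            print("  " + line)
```

With the rate omitted the model logs once per excursion above the threshold; with a rate it also logs again while the resource stays constrained.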

Log the port block allocation logs, subscriber logs, and resource constraint logs to a Kafka cluster

CGNAT will be enhanced so that the logging infrastructure will have the option to send the logs off-box to management devices in a Kafka cluster.

There are two categories of logging information:
  • Information that should not be lost and should be stored on disk (subject to a maximum size) if waiting to be sent off-box - this is called persistent information.
  • Information (such as session logging) which, due to the volume it creates, will not be stored on disk and will be buffered in memory (with a smaller maximum size) - this is called non-persistent information.
    Note: Non-persistent information is likely to be dropped if it cannot be sent for a short period, or if the channels to the Kafka cluster are overloaded.

Add the NatPolicy name to the port block allocation logs

Include NatPolicy Name along with the port block allocation log entries to allow correlation between the two.