Source NAT (many-to-many)

In many-to-many translations, a number of private addresses are mapped to a number of public addresses. This mapping provides a way of reducing the possibility of port exhaustions that are possible in a many-to-one scenario. For this reason, the mapping can provide more capacity for outbound translations. The following figure shows a large private address space (a /8 network prefix, here represented as three /16 subnets) mapped to a small range of external addresses.

To configure NAT in this way, perform the following steps in configuration mode.

Table 1. Configuring source NAT (many-to-many)
Step	Command
Create SNAT rule 10.	`vyatta@vyatta# set service nat source rule 10`
Apply this rule to packets coming from any host on the 10.0.0.0./8 network and egressing through the dp0p1p1 interface.	`vyatta@vyatta# set service nat source rule 10 source address 10.0.0.0/8 vyatta@vyatta# set service nat source rule 10 outbound-interface dp0p1p1`
Choose an address in the range 12.34.56.64 through 12.34.56.79 as the source address in outgoing packets. Note that the translation address should be an address defined on the outbound interface if it is part of the connected subnet on that interface. This ensures that the vRouter replies to ARP requests from remote devices for one of the translation addresses.	`vyatta@vyatta# set service nat source rule 10 translation address 12.34.56.64-12.34.56.79`
Commit the change.	`vyatta@vyatta# commit`
Show the configuration.	`vyatta@vyatta# show nat source rule 10 outbound-interface dp0p1p1 source { address 10.0.0.0/8 } translation { address 12.34.56.64-12.34.56.79 }`

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

Source NAT (many-to-many)

Helpful Links

Key Resources