home

Supported platforms

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

Source NAT (SNAT)

Source NAT (SNAT) is the most common form of NAT. SNAT changes the source address of the packets passing through the vRouter. SNAT is typically used when an internal (private) host needs to initiate a session to an external (public) host; in this case, the device that is performing NAT changes the private IP address of the source host to some public IP address, as shown in the following figure. In “masquerade” NAT (a common type of SNAT), the source address of the outgoing packet is replaced with the primary IP address of the outbound interface. The destination address of return packets is automatically translated back to the IP address of the source host.

Note: SNAT is performed after the routing decision is made.

The device that is performing NAT tracks information about the traffic flow so that traffic from the flow can be correctly forwarded to and from the source host.

Note: If an IP-in-IP, IP-in-IP6, IP6-in-IP6, SIT, or OpenVPN tunnel is configured as an outbound interface for SNAT, you cannot use a local address as a translation address.
Figure 1. Source NAT (SNAT)