diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-01-19 21:01:20 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-01-19 21:04:28 +0100 |
commit | 9207897983a3bfafa0ec3e436c1ad67790f09f06 (patch) | |
tree | 48d3291319fc113eda2c0effe866df154d7e8e21 /interface-definitions/interfaces-ethernet.xml.in | |
parent | 75e947ccc72d1532e1bf9c2f5011060a1043a14e (diff) | |
download | vyos-1x-9207897983a3bfafa0ec3e436c1ad67790f09f06.tar.gz vyos-1x-9207897983a3bfafa0ec3e436c1ad67790f09f06.zip |
nat: T2947: add many-many translation
Support a 1:1 or 1:n prefix translation. The following configuration will NAT
source addresses from the 10.2.0.0/16 range to an address from 192.0.2.0/29.
For this feature to work a Linux Kernel 5.8 or higher is required!
vyos@vyos# show nat
source {
rule 100 {
outbound-interface eth1
source {
address 10.2.0.0/16
}
translation {
address 192.0.2.0/29
}
}
}
This results in the nftables configuration:
chain POSTROUTING {
type nat hook postrouting priority srcnat; policy accept;
oifname "eth1" counter packets 0 bytes 0 snat ip prefix to ip saddr map
{ 10.2.0.0/16 : 192.0.2.0/29 } comment "SRC-NAT-100"
}
Diffstat (limited to 'interface-definitions/interfaces-ethernet.xml.in')
0 files changed, 0 insertions, 0 deletions