当前位置:网站首页>VPP静态映射实现DNAT
VPP静态映射实现DNAT
2022-08-08 08:52:00 【redwingz】
接口基本配置:
DBGvpp# set interface state port7 up
DBGvpp# set interface state port8 up
DBGvpp# set interface ip address port7 50.1.1.1/24
DBGvpp# set interface ip address port8 192.168.1.203/24
网络拓扑:
|-----------| |------------| |---------------|
| 50.1.1.2 |---------| vpp |------|----| 192.168.1.103 |
|-----------| |------------| | |---------------|
Host-A port7 port8 | Host-B
|
| |---------------|
|----| 192.168.1.114 |
|---------------|
Host-C(FTP-Server)
启用NAT44配置:
DBGvpp# nat44 enable
如下192.168.1.203为接口port8的真实IP地址,执行DNAT。配置与以上的SNAT一致,都是使用VPP的静态地址映射。
# nat44 add address 192.168.1.203
# set interface nat44 in port7 out port8
# nat44 add static mapping local 50.1.1.2 external 192.168.1.203
#
# show nat44 static mappings
NAT44 static mappings:
local 50.1.1.2 external 192.168.1.203 vrf 0
#
# show nat44 interfaces
NAT44 interfaces:
port8 out
#
# show nat44 addresses
NAT44 pool addresses:
192.168.1.203
tenant VRF independent
执行192.168.1.103 -> ping -> 192.168.1.203:
- 在主机50.1.1.2抓包,可见报文: 192.168.1.103->50.1.1.2,执行了目的地址的替换。
2)在主机192.168.1.103抓包,可见报文: 192.168.1.203->192.168.1.103,执行了源地址的替换。
如下NAT会话所示:
# show nat44 sessions
NAT44 ED sessions:
-------- thread 0 vpp_main: 2 sessions --------
i2o 50.1.1.2 proto ICMP port 41039 fib 0
o2i 192.168.1.203 proto ICMP port 41039 fib 0
external host 192.168.1.103:0
i2o flow: match: saddr 50.1.1.2 sport 41039 daddr 192.168.1.103 dport 41039 proto ICMP fib_idx 0 rewrite: saddr 192.168.1.203 icmp-id 41039
o2i flow: match: saddr 192.168.1.103 sport 41039 daddr 192.168.1.203 dport 41039 proto ICMP fib_idx 0 rewrite: daddr 50.1.1.2 icmp-id 41039 txfib 0
index 0
last heard 254.15
total pkts 5, total bytes 420
static translation
边栏推荐
猜你喜欢
记一次生产内存溢出分析解决
![[Regression prediction] Gaussian process regression based on GPML toolbox with matlab code](/img/d4/134018fbd3b60e203e28deb2b482e3.png)
[Regression prediction] Gaussian process regression based on GPML toolbox with matlab code
Nacos是如何实现心跳机制和服务续约以及超时剔除服务机制的?
LVS负载均衡群集
HTTS 为什么更安全?
Database_JDBC
在数学里,minimum 和 minimal 有啥区别吗?
DVWA full level detailed customs clearance tutorial
X射线聚焦系统
![[Optimized scheduling] Based on particle swarm to realize economic scheduling optimization of microgrid under grid-connected model with matlab code](/img/a8/ce83c9488f4fccb202482d7b7e6c05.png)
[Optimized scheduling] Based on particle swarm to realize economic scheduling optimization of microgrid under grid-connected model with matlab code
随机推荐
记一次生产内存溢出分析解决
【图像分类】2021-CoAtNet NeurlPS
Offensive and defensive world - web2
Data Governance (3): Data Quality Management
The basic method of use in the volatile in the C language
Excel中text函数5中常用方法
攻防世界——fakebook
oracle如何删除表并且释放表空间
【收藏】3. 壁纸收藏
Want to use SQL to achieve two days after the data contrast, the new data sheet and a list of tags
MySQL redo log和undo log
手机APP测试流程规范和方法你知道多少?
STL underlying implementation principle
mockserver使用
jupyter lab安装、配置教程
[Raspberry Pi] vim editor
多态案例2 制作饮品
关于#sql#的问题:kingwow数据库
【AGC】开放式测试示例
Offensive and defensive world - ics-05