Message Image

Skip main navigation (Press Enter).

SRX

last person joined: yesterday

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Back to discussions

Expand all | Collapse all

What is the behavior if i configured address shifting plus overflow-pool ?

Jump to Best Answer

Erdem08-20-2015 02:26

See below config: root@srx# show security nat source { pool test-p { address { 207.17.137.1/32 ...

aarseniev08-20-2015 03:50Best Answer

Hello there, Pool configured WITHOUT "port no-translation" knob is a NAPT pool. In Your example ...

Erdem08-20-2015 04:06

Got it, thanks a lot. Alex 🙂

1. What is the behavior if i configured address shifting plus overflow-pool ?

0 Recommend
Erdem
Posted 08-20-2015 02:26

Reply Reply Privately
See below config:

root@srx# show security nat
source {
pool test-p {
address {
207.17.137.1/32 to 207.17.137.254/32;
}
host-address-base 10.1.10.5/32;
port no-translation;
overflow-pool overlap-p;
}
pool overlap-p {
address {
207.17.137.255/32;
}
}
}

when the 207.17.137.1/32 to 207.17.137.254/32 are used up, the 207.17.137.255 will be used as one-to-one mapping or PAT ?
2. RE: What is the behavior if i configured address shifting plus overflow-pool ?
Best Answer

0 Recommend
aarseniev
Posted 08-20-2015 03:50

Reply Reply Privately
Hello there,

Pool configured WITHOUT "port no-translation" knob is a NAPT pool.

In Your example

pool overlap-p { address { 207.17.137.255/32; }

- pool "overlap-p" will be used for "PAT".

HTH

Thanks

Alex

P.S. Next time please try to use RFC 2633 terminology ( https://tools.ietf.org/html/rfc2663 ) : PAT is equivalent to NAPT.
3. RE: What is the behavior if i configured address shifting plus overflow-pool ?

0 Recommend
Erdem
Posted 08-20-2015 04:06

Reply Reply Privately
Got it, thanks a lot. Alex 🙂

Powered by Higher Logic