Open Stack

Hi Subbareddy,

SNAT, or source NAT, is the ‘many-to-one’ NAT mode you are referring to. Instances that do not have a floating IP will be NAT’d to the IP address of the qg interface of the router. This is akin to a PAT on other firewalls.

A floating IP is akin to a static 1-to-1 NAT, and takes precedence over the default SNAT behavior.

By setting enable_snat to false, your traffic is being forwarded out of the router as the fixed IP of the instance.

James

On Jan 21, 2015, at 8:15 AM, Chinasubbareddy M <chinasubbareddy_m at persistent.com<mailto:chinasubbareddy_m at persistent.com>> wrote:

HI all,

I would like to understand many to one NAT feature  by neutron , so I have created a gateway for router with "enable_snat” on disable mode, now I am confused how to use many to one NAT, can you please guide me ?

root at vpnaas1:~# neutron router-show 1dc4a054-1a93-4962-abaa-01f118a77773
+-----------------------+------------------------------------------------------------------------------+
| Field                 | Value                                                                        |
+-----------------------+------------------------------------------------------------------------------+
| admin_state_up        | True                                                                         |
| external_gateway_info | {"network_id": "bc9172f9-25e7-454b-a387-d81ee79be74d", "enable_snat": false} |
| id                    | 1dc4a054-1a93-4962-abaa-01f118a77773                                         |
| name                  | router1                                                                      |
| routes                |                                                                              |
| status                | ACTIVE                                                                       |
| tenant_id             | 4123b6cff1124795959f4dc73e82531a                                             |
+-----------------------+------------------------------------------------------------------------------+
root at vpnaas1:~#


Regards,
Subbareddy,
Persistent systems ltd.

DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails.

_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150121/c01f49c5/attachment.html>