Enabling dynamic nat redundancy, Displaying nat information – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual


ServerIron ADX Security Guide


53-1002440-03


The <priority-value> can be 1 or 2. The value 2 is the higher priority; the system configured with it
is the owner of the NAT IP as long as that system is up.

Enabling dynamic NAT redundancy

To enable dynamic NAT redundancy, enter commands such as the following.

ServerIronADX(config)# ip nat pool foo 63.23.1.2 63.23.1.4 prefix 24

ServerIronADX(config)# ip nat pool foo port-pool-range 2

Syntax: ip nat pool <pool-name> port-pool-range <priority-value>

The port-pool-range <priority-value> parameter supports redundancy for IP NAT pool addresses.
This parameter is similar to the priority value for static NAT, except it also determines the range of
source ports allocated by the NAT IP (which prevents source port collision).

On the ServerIron ADX, the ip nat pool <name> port-pool-range command is mandatory when running
router code in HA setups. This command decides the ownership of the IP NAT pool and, when using
router code, it must be used in tandem with the ip nat pool <name> <Start-IP-address>
<End-IP-address> command.

The <priority-value> can be 1 or 2. A range value of 2 indicates higher priority for the NAT IP. It also
means the source ports allocated for the NAT IP are from the higher range.

NOTE

A distribution of port ranges is not required for static NAT, as it does not involve PAT.
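
The following configuration check is an added example, not part of the Brocade manual or the ServerIron software. It reads the two command forms shown above from the saved configurations of both units of an HA pair and reports pools that lack a port-pool-range or carry a value other than 1 or 2. The checks that both units define the same pools and use different values are assumptions drawn from the stated goal of avoiding source port collision; the function names and sample configurations are constructed.

```python
import re

# The two command forms shown on this page.
POOL_DEF = re.compile(r"^ip nat pool (\S+) (\d+\.\d+\.\d+\.\d+) (\d+\.\d+\.\d+\.\d+)\b")
POOL_RANGE = re.compile(r"^ip nat pool (\S+) port-pool-range (\S+)\s*$")

def parse_pools(config_text):
    """Return {pool_name: {"defined": bool, "range": str or None}}."""
    pools = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        m = POOL_RANGE.match(line)
        if m:
            pools.setdefault(m.group(1), {"defined": False, "range": None})["range"] = m.group(2)
        elif (m := POOL_DEF.match(line)):
            pools.setdefault(m.group(1), {"defined": False, "range": None})["defined"] = True
    return pools

def audit_ha_pair(cfg_a, cfg_b):
    """List findings for the two units (A and B) of an HA pair."""
    a, b = parse_pools(cfg_a), parse_pools(cfg_b)
    findings = []
    for unit, pools in (("A", a), ("B", b)):
        for name, p in sorted(pools.items()):
            if p["range"] is None:
                findings.append(f"{unit}:{name}: missing port-pool-range")
            elif p["range"] not in ("1", "2"):
                findings.append(f"{unit}:{name}: invalid priority {p['range']}")
            if not p["defined"]:
                findings.append(f"{unit}:{name}: port-pool-range without address range")
    # Assumption: the units of a pair take different values (different port ranges).
    for name in sorted(set(a) & set(b)):
        if a[name]["range"] in ("1", "2") and a[name]["range"] == b[name]["range"]:
            findings.append(f"{name}: both units use port-pool-range {a[name]['range']}")
    # Assumption: both units of a pair define the same pools.
    for name in sorted(set(a) ^ set(b)):
        findings.append(f"{name}: pool present on only one unit")
    return findings

# Constructed sample configurations; pool "bar" and its addresses are made up.
UNIT_A = """ip nat pool foo 63.23.1.2 63.23.1.4 prefix 24
ip nat pool foo port-pool-range 2
ip nat pool bar 192.0.2.10 192.0.2.12 prefix 24
"""
UNIT_B = """ip nat pool foo 63.23.1.2 63.23.1.4 prefix 24
ip nat pool foo port-pool-range 2
ip nat pool bar 192.0.2.10 192.0.2.12 prefix 24
ip nat pool bar port-pool-range 1
"""

if __name__ == "__main__":
    print("\n".join(audit_ha_pair(UNIT_A, UNIT_B)))
```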

Displaying NAT information

The following sections describe how to display NAT information.
