NAT

Network Address Translation (NAT) is a method used to remap IP address space into another by modifying network address information in IP packet headers while they are in transit across a traffic routing device. NAT is commonly used in enterprise networks to enable multiple devices on a private network to share a single public IP address for internet access, providing both security and conservation of IPv4 address space. The inside source interface configuration allows traffic from internal networks to be translated when exiting through specified interfaces, with optional overload (PAT - Port Address Translation) support for port-level multiplexing.

Diagram

Classes

configuration (iosxe.devices)

Name	Type	Constraint	Mandatory	Default Value
nat	Class	`[nat]`	No

nat (iosxe.devices.configuration)

Name	Type	Constraint	Mandatory	Default Value
inside_source_interfaces	List	`[inside_source_interfaces]`	No

inside_source_interfaces (iosxe.devices.configuration.nat)

Name	Type	Constraint	Mandatory	Default Value
id	Integer	min: `1`, max: `2147483647`	Yes
interfaces	List	`[interfaces]`	No

interfaces (iosxe.devices.configuration.nat.inside_source_interfaces)

Name	Type	Constraint	Mandatory
interface_type	Choice	`Loopback`, `Vlan`, `GigabitEthernet`, `TwoGigabitEthernet`, `FiveGigabitEthernet`, `TenGigabitEthernet`, `TwentyFiveGigabitEthernet`, `FortyGigabitEthernet`, `HundredGigabitEthernet`, `PortChannel`	Yes
interface_id	Any	String or Integer[min: `0`]	No
overload	Boolean	`true`, `false`	No

NAT can be configured for both static and dynamic address translation, and is commonly used in scenarios such as remote access VPNs, load balancing, and policy-based routing to provide flexible and secure network connectivity.

NAT Parameters

Key Components:

Inside Source Interfaces (inside_source_interfaces): Defines NAT translation rules for traffic exiting through specified interfaces.
- id: Identifier for the NAT rule group.
- interfaces: List of interfaces used for NAT.
Interface Type (interface_type): The type of interface used for NAT (e.g., GigabitEthernet, Loopback).
Interface ID (interface_id): The identifier for the interface (e.g., “0/0/1”, “100”).
Overload (overload): Enables Port Address Translation (PAT), allowing multiple internal addresses to share a single external IP address.

Key Parameters Briefly Explained:

inside_source_interfaces: NAT rule group for inside source translation.
id: Rule group identifier.
interfaces: List of NAT-enabled interfaces.
interface_type: Type of interface (e.g., GigabitEthernet).
interface_id: Interface identifier.
overload: Enables PAT for port-level multiplexing.

These parameters allow you to configure NAT for flexible address translation, supporting both one-to-one and many-to-one (overload) scenarios.

Sample Configuration

The following configuration sets up NAT on a Cisco device, including inside source interfaces and overload (PAT) options.

ip nat inside source list 10 interface GigabitEthernet0/0/1 overload
ip nat inside source list 20 interface Loopback100 overload
ip nat inside source list 30 interface GigabitEthernet0/0/2

Example YAML Code

The following YAML code configures NAT on an IOS-XE device, demonstrating inside source interfaces and overload options.

iosxe:
  devices:
    - name: Router1
      configuration:
        nat:
          inside_source_interfaces:
            - id: 10
              interfaces:
                - interface_type: GigabitEthernet
                  interface_id: "0/0/1"
                  overload: true
                - interface_type: GigabitEthernet
                  interface_id: "0/0/2"
                  overload: false
            - id: 20
              interfaces:
                - interface_type: Loopback
                  interface_id: "100"
                  overload: true