Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Example: Configuring NAT

    This example describes how to configure Network Address Translation (NAT) on the MobileNext Broadband Gateway. This simple example illustrates the NAT44 transition scenario. This example only describes the portions of the configuration related to supporting NAT service sets.

    Requirements

    This example uses the following hardware and software components:

    • Junos OS Release 11.2W
    • Juniper Networks MobileNext Broadband Gateway

    Overview

    The broadband gateway should be configured as follows to demonstrate this scenario:

    • FPC 1 PIC 0 is the session DPC
    • FPC 1 PIC 1 is the Multiservices DPC
    • Service interface for NAT is ms-1/1/0
    • Service set is applied on mif.0
    • NAT pool address range is 19.19.19.1 to 19.19.19.32
    • NAT rule matches the user equipment (UE) address range 30.30.0.0/16

    Configuration

    Configuring the Chassis

    CLI Quick Configuration

    To quickly configure this example, copy the following commands and paste them into the router terminal window:

    [edit]load merge /etc/config/mobility-defaults.confset chassis fpc 1 pic 0 apply-groups mobilityset chassis fpc 1 pic 1 adaptive-services service-package extension-provider control-cores 1set chassis fpc 1 pic 1 adaptive-services service-package extension-provider data-cores 7set chassis fpc 1 pic 1 adaptive-services service-package extension-provider object-cache-size 14336set chassis fpc 1 pic 1 adaptive-services service-package extension-provider policy-db-size 256set chassis fpc 1 pic 1 adaptive-services service-package extension-provider package jservices-natset chassis fpc 1 pic 1 adaptive-services service-package extension-provider package jservices-algset chassis fpc 1 pic 1 adaptive-services service-package syslog daemon anyset chassis fpc 1 pic 1 adaptive-services service-package syslog kernel any

    Step-by-Step Procedure

    To configure the chassis:

    1. Load and merge the default configuration file for the mobility group.
      [edit]user@pe1# load merge /etc/config/mobility-defaults.conf
    2. Configure the mobility group on the session DPC.
      [edit]user@pe1# set chassis fpc 1 pic 0 apply-groups mobility
    3. Configure the Multiservices DPC for NAT services. Specify the jservices-nat and jservices-alg packages.
      [edit]user@pe1# set chassis fpc 1 pic 1 adaptive-services service-package extension-provider control-cores 1user@pe1# set chassis fpc 1 pic 1 adaptive-services service-package extension-provider data-cores 7user@pe1# set chassis fpc 1 pic 1 adaptive-services service-package extension-provider object-cache-size 14336user@pe1# set chassis fpc 1 pic 1 adaptive-services service-package extension-provider policy-db-size 256user@pe1# set chassis fpc 1 pic 1 adaptive-services service-package extension-provider package jservices-natuser@pe1# set chassis fpc 1 pic 1 adaptive-services service-package extension-provider package jservices-alg

    Configuring NAT Pools and NAT Rules

    CLI Quick Configuration

    To quickly configure this example, copy the following commands and paste them into the router terminal window:

    [edit]set services nat pool pool_nat44 address-range low 19.19.19.1 high 19.19.19.32set services nat pool pool_nat44 port automaticset services nat rule rule_nat44 match-direction inputset services nat rule rule_nat44 term t1 from source-address 30.30.0.0/16set services nat rule rule_nat44 term t1 then translated source-pool pool_nat44set services nat rule rule_nat44 term t1 then translated translation-type napt-44

    Step-by-Step Procedure

    To configure NAT pools and NAT rules:

    1. Configure the NAT pool address as an address range.
      [edit]user@pe1# set services nat pool pool_nat44 address-range low 19.19.19.1 high 19.19.19.32
    2. Specify that the NAT pool port is a router-assigned port.
      [edit]user@pe1# set services nat pool pool_nat44 port automatic
    3. Configure the NAT rule to match on input.
      [edit]user@pe1# set services nat rule rule_nat44 match-direction input
    4. Specify the input condition for the NAT term.
      [edit]user@pe1# set services nat rule rule_nat44 term t1 from source-address 30.30.0.0/16
    5. Specify the input actions for the NAT term.
      [edit]user@pe1# set services nat rule rule_nat44 term t1 then translated source-pool pool_eifuser@pe1# set services nat rule rule_nat44 term t1 then translated translation-type napt-44

    Configuring Service Sets

    CLI Quick Configuration

    To quickly configure this example, copy the following commands and paste them into the router terminal window:

    [edit]set interfaces ms-1/1/0 unit 0 family inet set services service-set set_0 nat-rules rule_nat44set services service-set set_0 interface-service service-interface ms-1/1/0set interfaces mif unit 0 family inet service input service-set set_0set interfaces mif unit 0 family inet service output service-set set_0

    Step-by-Step Procedure

    To configure service sets:

    1. Configure the service interface associated with the service set.
      [edit]user@pe1# set interfaces ms-1/1/0 unit 0 family inet
    2. Configure the service set.
      [edit]user@pe1# set services service-set set_0
    3. Specify the NAT rules.
      [edit]user@pe1# set services service-set set_0 nat-rules rule_nat44
    4. Specify the service interface.
      [edit]user@pe1# set services service-set set_0 interface-service service-interface ms-1/1/0
    5. Associate the service set with the mobile interface.
      [edit]user@pe1# set interfaces mif unit 0 family inet service input service-set set_0user@pe1# set interfaces mif unit 0 family inet service output service-set set_0

    Verification

    Verifying the NAT Pool Information

    Purpose

    Verify information about NAT pools.

    Action

    user@pe1> show services nat pool detail
    Interface: ms-1/1/0, Service set: set_0
    NAT pool: pool_nat44, Translation type: napt-44
    Address range: 19.19.19.1-19.19.19.32
    Address range: 2.2.2.2-2.2.2.2
    Port range: 512-65535, Ports in use: 0, Out of port errors: 0, Max ports used: 0

    Published: 2011-11-16