Network Address Translation (NAT)
-
Monitor subscriber port utilization (cSRX, MX240, MX480, MX960, SRX1500, SRX1600, SRX2300, SRX4200, SRX4300, SRX4600, SRX5400, SRX5600, SRX5800, and vSRX3.0)―Use Carrier Grade Network Address Translation (CGNAT) to monitor and manage port utilization. Configure threshold limits to receive notifications when port or port block usage exceeds these thresholds.
If a pool is configured as Port Block Allocation (PBA) and a subscriber uses more port blocks than the threshold, a notification is generated.
For Deterministic NAT (DETNAT) pools, if a subscriber uses more ports than the threshold in the allocated block, a notification is generated.
[See pool-utilization-alarm (Security Source NAT Pool) and pool (Security Source NAT).]
-
Support for DS-Lite fragmentation (SRX Series Firewall)―Configure the pre-fragmentation and post-fragmentation MTU options on Dual-Stack Lite (DS-Lite) tunnels.
-
Pre-fragmentation–Enable or disable pre-fragmentation or clear the df bit in the IP packet.
-
Post-fragmentation–Enable or disable post-fragmentation to fragment the IPv6 packet. By default, post-fragmentation is off. When enabled, the IPv6 packet fragments; otherwise, if the MTU exceeds, an ICMP error message is sent to the originator.
[See softwire-name.]
-