Aviatrix Docs :: Documentation

Destination NAT

Destination NAT (DNAT) allow you to change the destination to a virtual address range.

There are multiple optional parameters you can configure to meet your requirement.

When Sync to Instances is an enabled, NAT rules are automatically duplicated to HA peer gateways. By default, this function is enabled on DNAT.

Field	Value
SRC CIDR	This is a qualifier condition that specifies a source IP address range where the rule applies. When left blank, this field is not used.
SRC PORT	This is a qualifier condition that specifies a source port that the rule applies. When left blank, this field is not used.
DST CIDR	This is a qualifier condition that specifies a destination IP address range where the rule applies. When left blank, this field is not used and a default route 0.0.0.0/0 pointing to Aviatrix Gateway will be programmed into Cloud platform routing table.
DST PORT	This is a qualifier condition that specifies a destination port where the rule applies. When left blank, this field is not used.
PROTOCOL	This is a qualifier condition that specifies a destination port protocol where the rule applies. When left blank, this field is not used.
INTERFACE	This is a qualifier condition that specifies output interface where the rule applies. When left blank, this field is not used.
CONNECTION	This is a qualifier condition that specifies output connection where the rule applies. When left blank, this field is not used.
MARK	This is a rule field that specifies a tag or mark of a TCP session when all qualifier conditions meet. When left blank, this field is not used.
DNAT IPS	This is a rule field that specifies the translated destination IP address when all specified qualifier conditions meet. When left blank, this field is not used. One of the rule field must be specified for this rule to take effect. Multiple translated source IP addresses are supported, they are specified as a range, for example, 100.101.2.5 - 100.101.2.10
DNAT PORT	This is a rule field that specifies the translated destination port when all specified qualifier conditions meet. When left blank, this field is not used. One of the rule field must be specified for this rule to take effect.
APPLY ROUTE ENTRY	This is an option to program the route entry "DST CIDR pointing to Aviatrix Gateway" into Cloud platform routing table.
EXCLUDE ROUTE TABLE	This field specifies which VPC private route table will not be programmed with the default route entry. Users can combine this with APPLY ROUTE ENTRY enabled.

Field

Value

SRC CIDR

This is a qualifier condition that specifies a source IP address range where the rule applies. When left blank, this field is not used.

SRC PORT

This is a qualifier condition that specifies a source port that the rule applies. When left blank, this field is not used.

DST CIDR

This is a qualifier condition that specifies a destination IP address range where the rule applies. When left blank, this field is not used and a default route 0.0.0.0/0 pointing to Aviatrix Gateway will be programmed into Cloud platform routing table.

DST PORT

This is a qualifier condition that specifies a destination port where the rule applies. When left blank, this field is not used.

PROTOCOL

This is a qualifier condition that specifies a destination port protocol where the rule applies. When left blank, this field is not used.

INTERFACE

This is a qualifier condition that specifies output interface where the rule applies. When left blank, this field is not used.

CONNECTION

This is a qualifier condition that specifies output connection where the rule applies. When left blank, this field is not used.

MARK

This is a rule field that specifies a tag or mark of a TCP session when all qualifier conditions meet. When left blank, this field is not used.

DNAT IPS

This is a rule field that specifies the translated destination IP address when all specified qualifier conditions meet. When left blank, this field is not used. One of the rule field must be specified for this rule to take effect. Multiple translated source IP addresses are supported, they are specified as a range, for example, 100.101.2.5 - 100.101.2.10

DNAT PORT

This is a rule field that specifies the translated destination port when all specified qualifier conditions meet. When left blank, this field is not used. One of the rule field must be specified for this rule to take effect.

APPLY ROUTE ENTRY

This is an option to program the route entry "DST CIDR pointing to Aviatrix Gateway" into Cloud platform routing table.

EXCLUDE ROUTE TABLE

This field specifies which VPC private route table will not be programmed with the default route entry. Users can combine this with APPLY ROUTE ENTRY enabled.

To configure Destination NAT, see Configure DNAT.