Tip
This is the documentation for the 20.10 version. Looking for the documentation of the latest version? Have a look here.
Deterministic NATΒΆ
Deterministic NAT mode, also known as Carrier-Grade NAT (CG-NAT), is geared for maximum performance at a large scale. This performance comes at a price, however, in that it consumes greater amounts of memory than other, simpler modes.
Warning
Deterministic NAT mode has been deprecated and will be removed from the next version of TNSR.
Deterministic NAT pre-allocates 1000 external ports per inside address, which can increase memory requirements significantly. Each single session requires approximately 15 Bytes of memory.
Deterministic NAT enforces maximum numbers of NAT sessions per user, and only works for TCP, UDP, and ICMP protocols.
Warning
Deterministic NAT mode is not compatible with NAT pools defined by address; it only functions with pools defined by interface name.
To activate Deterministic NAT, use the following command:
tnsr(config)# nat deterministic enable
Deterministic NAT requires a mapping, configured as follows:
tnsr(config)# nat deterministic mapping inside <inside-prefix> outside <outside-prefix>
In this command, the parameters to replace are:
- inside <inside-prefix>:
The internal subnet containing local users, for example,
198.18.0.0/15.- outside <outside-prefix>:
The external subnet to which these users will be mapped using deterministic NAT. For example,
203.0.113.128/25.
Configured mappings may be viewed as follows:
tnsr(config)# show nat deterministic-mappings
Deterministic Mappings
----------------------
Inside Outside Ratio Ports Sessions
------------- ---------------- --------- --------- ---------
198.14.0.0/15 203.0.113.128/25 1024 63 0
NAT Reassembly Parameters
-------------------------