Configuring NAT hairpin
Configure NAT hairpin on the interface connected to the internal network. NAT hairpin supports P2P mode and C/S mode.
To configure the P2P mode, you must configure outbound PAT on the interface connected to the external network and enable the EIM mapping mode. Internal hosts first register their public addresses to an external server. Then, the hosts communicate with each other by using the registered IP addresses.
In C/S mode, the destination IP address of the packet going to the internal server is translated by matching the NAT Server configuration. The source IP address is translated by matching the outbound dynamic or static NAT entries.
NAT hairpin typically operates with NAT Server, outbound dynamic NAT, or outbound static NAT. They must be configured on interfaces of the same interface card. Otherwise, NAT hairpin cannot function correctly.
To configure NAT hairpin:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Enter interface view. | interface interface-type interface-number | N/A |
3. Enable NAT hairpin. | nat hairpin enable | By default, NAT hairpin is disabled. |