No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NETCONF YANG API Reference

AR100, AR120, AR160, AR1200, AR2200, AR3200, and AR3600 V300R003

NETCONF YANG API Reference
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
NAT

NAT

NOTE:

By default, the route forwarding function is enabled on high-end LAN cards (8FE1GE, 24GE, and 24ES2GP) so that these cards do not send received packets to the CPU. When IP packets are forwarded on a LAN card, NAT services cannot be configured on VLANIF interfaces.

When the subnet mask of the IP address is delivered, only the subnet mask takes effect, and the mask length does not take effect. For example, <address-mask>255.255.255.0/24</address-mask>, 255.255.255.0 takes effect, and mask length 24 does not take effect.

Outbound NAT

This section describes the data model of outbound NAT and provides the packet examples for creating and modifying outbound NAT.

Data Model

The data model file matching the outbound NAT is huawei-nat.yang.

Table 3-336 Outbound NAT

Object

Description

/ietf-interfaces:interfaces/interface/huawei-nat:nat

Indicates that the object of requesting an operation (creation and deletion) is outbound NAT. It is a root object, which is only used to contain sub-objects.

/ietf-interfaces:interfaces/interface/huawei-nat:nat/type

Indicates the conversion type.

/ietf-interfaces:interfaces/interface/huawei-nat:nat/acl

Indicates the ACL number.

/ietf-interfaces:interfaces/interface/huawei-nat:nat/pool-id

Indicates the address pool ID.

/ietf-interfaces:interfaces/interface/huawei-nat:nat/vrrp-interface-name

Indicates the VRRP interface name.

/ietf-interfaces:interfaces/interface/huawei-nat:nat/vrrp-id

Indicates the VRRP ID.

/ietf-interfaces:interfaces/interface/huawei-nat:nat/mode

Indicates the mapping mode.

/ietf-interfaces:interfaces/interface/huawei-nat:nat/qos-prenat

Indicates the NAT pre-classification function.

Creating Outbound NAT in Easy IP Mode

This section provides packet examples for creating outbound NAT using the merge method. In addition, the create method can also be adopted to create outbound NAT.

Table 3-337 Creating outbound NAT in Easy IP Mode

Operation

XPATH

edit-config:merge

/ietf-interfaces:interfaces/interface/huawei-nat:nat

Data Requirements
Table 3-338 NAT outbound

Item

Data

Description

ACL number

2000

Create outbound NAT in easy IP mode.

The ACL and VRRP group have been configured on the device.

GigabitEthernet

0/0/2

VRRP ID

1

QoS pre-NAT

true

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578"> 
<edit-config> 
<target> 
<running/> 
</target> 
<error-option>rollback-on-error</error-option> 
<config> 
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"> 
<interface xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
<name>GigabitEthernet0/0/2</name> 
<type xmlns:x="urn:ietf:params:xml:ns:yang:iana-if-type">x:ethernetCsmacd</type> 
 <nat xmlns="urn:huawei:params:xml:ns:yang:huawei-nat" ns0:operation="merge"> 
 <type>easyip</type> 
 <acl>2000</acl> 
 <vrrp-interface-name>GigabitEthernet0/0/2</vrrp-interface-name> 
 <vrrp-id>1</vrrp-id> 
 <qos-prenat>true</qos-prenat> 
</nat> 
</interface> 
</interfaces>  
</config> 
</edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>
Deleting Outbound NAT in Easy IP Mode

This section provides packet examples for deleting outbound NAT using the remove method.

Table 3-339 Deleting outbound NAT in Easy IP Mode

Operation

XPATH

edit-config:merge

/ietf-interfaces:interfaces/interface/huawei-nat:nat

Data Requirements
Table 3-340 Deleting outbound NAT

Item

Data

Description

ACL number

2000

Delete outbound NAT in easy IP mode.

The ACL and VRRP group have been configured on the device.

GigabitEthernet

0/0/2

VRRP ID

1

QoS pre-NAT

true

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578"> 
<edit-config> 
<target> 
<running/> 
</target> 
<error-option>rollback-on-error</error-option> 
<config> 
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"> 
<interface xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
<name>GigabitEthernet0/0/2</name> 
<type xmlns:x="urn:ietf:params:xml:ns:yang:iana-if-type">x:ethernetCsmacd</type> 
 <nat xmlns="urn:huawei:params:xml:ns:yang:huawei-nat" ns0:operation="remove"> 
 <type>easyip</type> 
 <acl>2000</acl> 
 <vrrp-interface-name>GigabitEthernet0/0/2</vrrp-interface-name> 
 <vrrp-id>1</vrrp-id> 
 <qos-prenat>true</qos-prenat> 
</nat> 
</interface> 
</interfaces>  
</config> 
</edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>
Creating Outbound NAT in Address Pool Mode

This section provides a packet sample for creating outbound NAT in address pool mode using the merge method. In addition, the create method can also be adopted to create outbound NAT in address pool mode.

Table 3-341 Creating outbound NAT in address pool mode

Operation

XPATH

edit-config:merge

/ietf-interfaces:interfaces/interface/huawei-nat:nat

Data Requirements
Table 3-342 Creating outbound NAT in address pool mode

Item

Data

Description

acl

2001

Create outbound NAT in address pool mode.

The ACL and address pool ID have been configured on the device.

GigabitEthernet

0/0/1

type

natpool

pool-id

2

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578"> 
 <edit-config> 
  <target> 
   <running/> 
  </target> 
  <error-option>rollback-on-error</error-option> 
  <config> 
   <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"> 
    <interface xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
     <name>GigabitEthernet0/0/1</name> 
     <type xmlns:x="urn:ietf:params:xml:ns:yang:iana-if-type">x:ethernetCsmacd</type> 
     <nat-outbound xmlns="urn:huawei:params:xml:ns:yang:huawei-nat" ns0:operation="merge"> 
      <nat-outbound-entry> 
       <type>natpool</type> 
       <acl>2001</acl> 
       <pool-id>2</pool-id> 
      </nat-outbound-entry> 
     </nat-outbound> 
    </interface> 
   </interfaces>  
  </config> 
 </edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>
Deleting Outbound NAT in Address Pool Mode

This section provides a packet sample for deleting outbound NAT in address pool mode using the remove method.

Table 3-343 Deleting outbound NAT in address pool mode

Operation

XPATH

edit-config:merge

/ietf-interfaces:interfaces/interface/huawei-nat:nat

Data Requirements
Table 3-344 Deleting outbound NAT in address pool mode

Item

Data

Description

acl

2001

Delete outbound NAT in address pool mode.

GigabitEthernet

0/0/1

type

natpool

pool-id

2

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578"> 
 <edit-config> 
  <target> 
   <running/> 
  </target> 
  <error-option>rollback-on-error</error-option> 
  <config> 
   <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"> 
    <interface xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
     <name>GigabitEthernet0/0/1</name> 
     <type xmlns:x="urn:ietf:params:xml:ns:yang:iana-if-type">x:ethernetCsmacd</type> 
     <nat-outbound xmlns="urn:huawei:params:xml:ns:yang:huawei-nat" ns0:operation="remove"> 
      <nat-outbound-entry> 
       <type>natpool</type> 
       <acl>2001</acl> 
       <pool-id>2</pool-id> 
      </nat-outbound-entry> 
     </nat-outbound> 
    </interface> 
   </interfaces>  
  </config> 
 </edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>

NAT Address Pool

This section describes the data model of the NAT address pool and provides the packet examples for creating and modifying the NAT address pool.

Data Model

The data model file matching the NAT address pool is huawei-nat.yang.

Table 3-345 NAT address pool

Object

Description

/huawei-nat:nat-address-group

Indicates that the object of requesting an operation (creation, deletion, and modification) is the NAT address group. It is a root object, which is only used to contain sub-objects.

/huawei-nat:nat-address-group/addressgroup/index

Indicates the index of the NAT address pool.

/huawei-nat:nat-address-group/addressgroup/start-ip

Indicates the start IP address of the NAT address pool.

/huawei-nat:nat-address-group/addressgroup/end-ip

Indicates the end IP address of the NAT address pool.

Creating an NAT Address Pool

This section provides packet examples for creating an NAT address pool using the merge method. In addition, the create method can also be adopted to create an NAT address pool.

Table 3-346 Creating an NAT address pool

Operation

XPATH

edit-config:merge

/huawei-nat:nat-address-group

Data Requirements
Table 3-347 Creating an NAT address pool

Item

Data

Description

Address pool index

1

Create an NAT address pool with the index 1, start address 192.168.3.6, and end address 192.168.3.11.

Start address

192.168.3.6

End address

192.168.3.11

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578"> 
<edit-config> 
<target> 
<running/> 
</target> 
<error-option>rollback-on-error</error-option> 
<config> 
<nat-address-group xmlns="urn:huawei:params:xml:ns:yang:huawei-nat"> 
<addressgroup xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
<index>1</index> 
<start-ip>192.168.3.6</start-ip> 
<end-ip>192.168.3.11</end-ip> 
</addressgroup> 
</nat-address-group> 
</config> 
</edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>
Deleting an NAT Address Pool

This section provides packet examples for deleting an NAT address pool using the remove method.

Table 3-348 Deleting an NAT address pool

Operation

XPATH

edit-config:remove

/huawei-nat:nat-address-group

Data Requirements
Table 3-349 Deleting an NAT address pool

Item

Data

Description

Address pool index

1

Delete an NAT address pool with the index 1, start address 192.168.3.6, and end address 192.168.3.11.

Start address

192.168.3.6

End address

192.168.3.11

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578"> 
<edit-config> 
<target> 
<running/> 
</target> 
<error-option>rollback-on-error</error-option> 
<config> 
<nat-address-group xmlns="urn:huawei:params:xml:ns:yang:huawei-nat"> 
<addressgroup xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="remove"> 
<index>1</index> 
<start-ip>192.168.3.6</start-ip> 
<end-ip>192.168.3.11</end-ip> 
</addressgroup> 
</nat-address-group> 
</config> 
</edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>

Static NAT (System View)

This section describes the data model of static NAT (system view) and provides the packet examples for creating and modifying static NAT.

Data Model

The data model file matching static NAT (system view) is huawei-nat.yang.

Table 3-350 Static NAT (system view)

Object

Description

/huawei-nat:nat-mapping-entrys

Indicates that the object of requesting an operation (creation and modification) is the static NAT (system view). It is a root object, which is only used to contain sub-objects.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/index

Indicates the index.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/internal-address

Indicates the intranet address.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/internal-vpn-instance

Indicates the intranet VPN.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/internal-port/port-type/single-port-number/single-port-number

Indicates the intranet port number.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/internal-port/port-type/port-range/start-port-number

Indicates the intranet start port number if a port range is configured.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/internal-port/port-type/port-range/end-port-number

Indicates the intranet end port number if a port range is configured.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-address-type

Indicates the type of the external IP address.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-loopback-interface-number

Indicates the number of the loopback interface accessed by external users.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-interface-name

Indicates the name of the interface accessed by external users.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-address

Indicates the IP address accessed by external users.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-src-port/port-type/single-port-number/single-port-number

Indicates the port number accessed by external users.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-src-port/port-type/port-range/start-port-number

Indicates the start IP address accessed by external users if a port range is configured.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-src-port/port-type/port-range/end-port-number

Indicates the end IP address accessed by external users if a port range is configured.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/transport-protocol

Indicates the protocol used in the static NAT (system view).

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/address-mask

Indicates the IP address mask.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/vrrp-id

Indicates the VRRP ID.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/map-direction

Indicates the mapping direction.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/acl-number

Indicates the ACL number.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/map-description

Indicates the description.

Creating Static NAT

This section provides packet examples for creating static NAT(system view) using the merge method. In addition, the create method can also be adopted to create static NAT.

Table 3-351 Creating static NAT (system view)

Operation

XPATH

edit-config:merge

/huawei-nat:nat-mapping-entrys/nat-mapping-entry

Data Requirements
Table 3-352 Creating static NAT (system view)

Item

Data

Description

Transport protocol

6

Create static NAT based on the TCP protocol to map the intranet address 12.15.1.17 to the external address 10.26.45.52.

The VRRP group has been configured on the device.

Internal address

12.15.1.17

External address type

ipv4-address

External address

10.26.45.52

Map description

test01

Map direction

both

Address mask

255.255.255.0/24

VRRP ID

1

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="43a8e485-35d2-499e-895c-e2d2d5f555a8"> 
<edit-config> 
<target> 
<running/> 
</target> 
<error-option>rollback-on-error</error-option> 
<config> 
<nat-mapping-entrys xmlns="urn:huawei:params:xml:ns:yang:huawei-nat"> 
<nat-mapping-entry xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
<index>4</index> 
<transport-protocol>6</transport-protocol> 
<internal-address>12.15.1.17</internal-address> 
<external-address-type>ipv4-address</external-address-type> 
<external-address>10.26.45.52</external-address> 
<map-description>test01</map-description> 
<map-direction>both</map-direction> 
<address-mask>255.255.255.0/24</address-mask> 
<vrrp-id>1</vrrp-id> 
</nat-mapping-entry> 
</nat-mapping-entrys> 
</config> 
</edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>
Deleting Static NAT

This section provides packet examples for deleting static NAT (system view) using the remove method.

Table 3-353 Deleting static NAT (system view)

Operation

XPATH

edit-config:remove

/huawei-nat:nat-mapping-entrys/nat-mapping-entry

Data Requirements
Table 3-354 Deleting static NAT (system view)

Item

Data

Description

Transport protocol

6

Delete static NAT based on the TCP protocol that maps the intranet address 12.15.1.17 to the external address 10.26.45.52.

The VRRP group has been configured on the device.

Internal address

12.15.1.17

External address type

ipv4-address

External address

10.26.45.52

Map description

test01

Map direction

both

Address mask

255.255.255.0/24

VRRP ID

1

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="43a8e485-35d2-499e-895c-e2d2d5f555a8"> 
<edit-config> 
<target> 
<running/> 
</target> 
<error-option>rollback-on-error</error-option> 
<config> 
<nat-mapping-entrys xmlns="urn:huawei:params:xml:ns:yang:huawei-nat"> 
<nat-mapping-entry xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="remove"> 
<index>4</index> 
<transport-protocol>6</transport-protocol> 
<internal-address>12.15.1.17</internal-address> 
<external-address-type>ipv4-address</external-address-type> 
<external-address>10.26.45.52</external-address> 
<map-description>test01</map-description> 
<map-direction>both</map-direction> 
<address-mask>255.255.255.0/24</address-mask> 
<vrrp-id>1</vrrp-id> 
</nat-mapping-entry> 
</nat-mapping-entrys> 
</config> 
</edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>

Static NAT (Interface View)

This section describes the data model of static NAT (interface view) and provides the packet examples for creating and modifying static NAT.

Data Model

The data model file matching static NAT (interface view) is huawei-nat.yang.

Table 3-355 The NAT Static interface view

Object

Description

/huawei-nat:nat-mapping-entrys

Indicates that the object of requesting an operation (creation and modification) is the static NAT (interface view). It is a root object, which is only used to contain sub-objects.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/interface-name

Indicates the interface name.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/index

Indicates the index.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/internal-address

Indicates the intranet address.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/internal-vpn-instance

Indicates the intranet VPN.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/internal-port/port-type/single-port-number/single-port-number

Indicates the intranet port number.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/internal-port/port-type/port-range/start-port-number

Indicates the intranet start port number if a port range is configured.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/internal-port/port-type/port-range/end-port-number

Indicates the intranet end port number if a port range is configured.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-address-type

Indicates the type of the external IP address.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-loopback-interface-number

Indicates the number of the loopback interface accessed by external users.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-interface-name

Indicates the name of the interface accessed by external users.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-address

Indicates the IP address accessed by external users.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-src-port/port-type/single-port-number/single-port-number

Indicates the port number accessed by external users.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-src-port/port-type/port-range/start-port-number

Indicates the start IP address accessed by external users if a port range is configured.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/external-src-port/port-type/port-range/end-port-number

Indicates the end IP address accessed by external users if a port range is configured.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/transport-protocol

Indicates the protocol used in static NAT (interface view).

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/address-mask

Indicates the IP address mask.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/vrrp-id

Indicates the VRRP ID.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/map-direction

Indicates the mapping direction.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/acl-number

Indicates the ACL number.

/huawei-nat:nat-mapping-entrys/nat-mapping-entry/map-description

Indicates the description.

Creating Static NAT

This section describes the data model of static NAT (interface view) and provides the packet examples for creating and modifying static NAT.

Table 3-356 Creating static NAT (interface view)

Operation

XPATH

edit-config:merge

/huawei-nat:nat-mapping-entrys/nat-mapping-entry

Data Requirements
Table 3-357 Creating static NAT (interface view)

Item

Data

Description

Interface name

GigabitEthernet0/0/5

Create static NAT based on the TCP protocol to map the intranet address 223.26.56.1 to the external address 223.121.11.11.

The VRRP group has been configured on the device.

Internal address

223.26.56.1

Internal port

None

Single port number

80

External address-type

ipv4-address

External address

223.121.11.11

External-src-port

None

Single port number

443

Transport protocol

6

VRRP ID

1

Map direction

both

Request Example
 <rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="83a14d70-1701-4fc5-bcd7-afa8497369fa"> <edit-config> <target> <running/> </target> <error-option>rollback-on-error</error-option>  
 <config>  
 <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">  
 <interface xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
 <name>GigabitEthernet0/0/5</name>  
 <type xmlns:x="urn:ietf:params:xml:ns:yang:iana-if-type">x:ethernetCsmacd</type> 
 </interface> 
 </interfaces>  
 <nat-mapping-entrys xmlns="urn:huawei:params:xml:ns:yang:huawei-nat"> 
 <nat-mapping-entry xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge">  
 <index>3</index>  
 <interface-name>GigabitEthernet0/0/5</interface-name> 
 <internal-address>223.26.56.1</internal-address>  
 <internal-port> 
  <single-port-number>80</single-port-number> 
 </internal-port> 
 <external-address-type>ipv4-address  
 </external-address-type> 
 <external-address>223.121.11.11</external-address> 
 <external-src-port> 
  <single-port-number>443</single-port-number> 
 </external-src-port>  
 <transport-protocol>6</transport-protocol>  
 <vrrp-id>1</vrrp-id>  
 <map-direction>both</map-direction>  
 </nat-mapping-entry> </nat-mapping-entrys> 
 </config> </edit-config> 
 </rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>
Deleting Static NAT

This section provides packet examples for deleting static NAT (interface view) using the remove method.

Table 3-358 Deleting static NAT (interface view)

Operation

XPATH

edit-config:remove

/huawei-nat:nat-mapping-entrys/nat-mapping-entry

Data Requirements
Table 3-359 Deleting static NAT (interface view)

Item

Data

Description

Interface name

GigabitEthernet0/0/5

Delete static NAT based on the TCP protocol that maps the intranet address 223.26.56.1 to the external address 223.121.11.11.

The VRRP group has been configured on the device.

Internal address

223.26.56.1

Internal port

None

Single port number

80

External address-type

ipv4-address

External address

223.121.11.11

External-src-port

None

Single port number

443

Transport protocol

6

VRRP ID

1

Map direction

both

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="83a14d70-1701-4fc5-bcd7-afa8497369fa"> <edit-config> <target> <running/> </target> <error-option>rollback-on-error</error-option>  
 <config>  
 <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">  
 <interface xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
 <name>GigabitEthernet0/0/5</name>  
 <type xmlns:x="urn:ietf:params:xml:ns:yang:iana-if-type">x:ethernetCsmacd</type> 
 </interface> 
 </interfaces>  
 <nat-mapping-entrys xmlns="urn:huawei:params:xml:ns:yang:huawei-nat"> 
 <nat-mapping-entry xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="remove">  
 <index>3</index>  
 <interface-name>GigabitEthernet0/0/5</interface-name> 
 <internal-address>223.26.56.1</internal-address>  
 <internal-port> 
  <single-port-number>80</single-port-number> 
 </internal-port> 
 <external-address-type>ipv4-address  
 </external-address-type> 
 <external-address>223.121.11.11</external-address> 
 <external-src-port> 
  <single-port-number>443</single-port-number> 
 </external-src-port>  
 <transport-protocol>6</transport-protocol>  
 <vrrp-id>1</vrrp-id>  
 <map-direction>both</map-direction>  
 </nat-mapping-entry> </nat-mapping-entrys> 
 </config> </edit-config> 
 </rpc>  
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>

NAT ALG

This section describes the data model of the NAT ALG and provides the packet examples for creating and modifying the NAT ALG.

Data Model

The data model file matching the NAT ALG is huawei-nat.yang.

Table 3-360 NAT ALG

Object

Description

/huawei-nat:nat-algs

Indicates that the object of requesting an operation is the NAT ALG. It is a root object, which is only used to contain sub-objects.

/huawei-nat:nat-algs/ftp-alg-enable

Indicates that the NAT ALG function using the FTP protocol is enabled.

/huawei-nat:nat-algs/dns-alg-enable

Indicates that the NAT ALG function using the DNS protocol is enabled.

/huawei-nat:nat-algs/sip-alg-enable

Indicates that the NAT ALG function using the SIP protocol is enabled.

/huawei-nat:nat-algs/rtsp-alg-enable

Indicates that the NAT ALG function using the RTSP protocol is enabled.

Applications

This section provides packet examples for enabling the NAT ALG function. The FTP protocol is used as an example.

Table 3-361 Enabling an NAT ALG using the FTP protocol

Operation

XPATH

edit-config

/huawei-nat:nat-algs/ftp-alg-enable

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578"> 
<edit-config> 
<target> 
<running/> 
</target> 
<error-option>rollback-on-error</error-option> 
<config> 
<nat-algs xmlns="urn:huawei:params:xml:ns:yang:huawei-nat"> 
 <ftp-alg-enable>true</ftp-alg-enable> 
</nat-algs> 
</config> 
</edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>

NAT Session Log

Data Model

The configuration model file matching the NAT session log function is huawei-nat.yang.

Table 3-362 Data model

Object

Description

/huawei-nat:nat-session-log-config

Indicates that the object on which a requested operation (create, delete, or modify) is performed is nat-session-log-config. It is a root object, which is only used to contain sub-objects, but does not have any data meaning.

/huawei-nat:nat-session-log-config/nat-session-log-enable

Enables the NAT session log function.

/huawei-nat:nat-session-log-config/log-interval

Sets the interval for exporting NAT session logs.

The value is an integer in the range from 1 to 65535.

/huawei-nat:nat-session-log-config/binary-log-host-address

Set the IP address of the log server.

The value is in dotted decimal notation.

/huawei-nat:nat-session-log-config/binary-log-host-port

Set the port number of the log server.

The value is an integer in the range from 1 to 65535.

/huawei-nat:nat-session-log-config/binary-log-src-address

Set the IP address of the device that sends logs to the log server.

The value is in dotted decimal notation.

/huawei-nat:nat-session-log-config/binary-log-src-port

Set the port number of the device that sends logs to the log server.

The value is an integer in the range from 10240 to 65535.

Enabling the NAT Session Log Function

This section provides a packet sample for enabling the NAT session log function using the merge method. In addition, the create method can also be adopted to enable the NAT session log function.

Table 3-363 Enabling the NAT session log function

Operation

XPATH

edit-config:merge

/huawei-nat:nat-session-log-config/nat-session-log-enable

Data Requirements
Table 3-364 Enabling the NAT session log function

Item

Data

Description

nat-session-log-enable

true

-

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578"> 
 <edit-config> 
  <target> 
   <running/> 
  </target> 
  <error-option>rollback-on-error</error-option> 
  <config> 
   <nat-session-log-config xmlns="urn:huawei:params:xml:ns:yang:huawei-nat" xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
    <nat-session-log-enable>true</nat-session-log-enable> 
   </nat-session-log-config> 
  </config> 
 </edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>
Setting the Interval for Exporting NAT Session Logs

This section provides a packet sample for setting the interval for exporting NAT session logs using the merge method. In addition, the create method can also be adopted to set the interval for exporting NAT session logs.

Table 3-365 Setting the interval for exporting NAT session logs

Operation

XPATH

edit-config:merge

/huawei-nat:nat-session-log-config/log-interval

Data Requirements
Table 3-366 Setting the interval for exporting NAT session logs

Item

Data

Description

log-interval

100

-

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578"> 
 <edit-config> 
  <target> 
   <running/> 
  </target> 
  <error-option>rollback-on-error</error-option> 
  <config> 
   <nat-session-log-config xmlns="urn:huawei:params:xml:ns:yang:huawei-nat" xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
    <log-interval>100</log-interval> 
   </nat-session-log-config> 
  </config> 
 </edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>
Configuring a Binary Log Server

This section provides a packet sample for configuring a binary log server using the merge method. In addition, the create method can also be adopted to configure a binary log server.

Table 3-367 Configuring a binary log server

Operation

XPATH

edit-config:merge

/huawei-nat:nat-session-log-config/log-interval

Data Requirements
Table 3-368 Configuring a binary log server

Item

Data

Description

binary-log-host-address

1.1.1.1

Set the IP address of the log server.

binary-log-host-port

1001

Set the port number of the log server.

binary-log-src-address

2.2.2.1

Set the IP address of the device that sends logs to the log server.

binary-log-src-port

10240

Set the port number of the device that sends logs to the log server.

Request Example
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578"> 
 <edit-config> 
  <target> 
   <running/> 
  </target> 
  <error-option>rollback-on-error</error-option> 
  <config> 
   <nat-session-log-config xmlns="urn:huawei:params:xml:ns:yang:huawei-nat" xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge"> 
    <binary-log-host-address>1.1.1.1</binary-log-host-address> 
    <binary-log-host-port>1001</binary-log-host-port> 
    <binary-log-src-address>2.2.2.1</binary-log-src-address> 
    <binary-log-src-port>10240</binary-log-src-port> 
   </nat-session-log-config> 
  </config> 
 </edit-config> 
</rpc>
Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="b0bc2528-ebf8-494e-bedc-ca47ba18d578">
  <ok/>
</rpc-reply>
Translation
Download
Updated: 2019-03-06

Document ID: EDOC1100022096

Views: 8400

Downloads: 69

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next