How Do I Prevent Packets Sent to an IP Address in a Configured NAT Address Pool from Being Discarded?

After a NAT address pool is configured on an interface, a 32-bit local user network route (UNR) is automatically generated, and its priority is 64. When a packet sent to an IP address in the address pool passes the router, it matches the 32-bit local UNR and is sent to the router protocol stack. However, the router cannot forward the packet because it does not have the protocol stack of the IP address. The packet is discarded.

You can run the ip route-static command to configure a static route. The default priority of a static route is 60, which is higher than that of the UNR. This configuration prevents packets sent to an IP address in the address pool from being discarded.

For example, configure a NAT address pool to implement many-to-one address translation for hosts on the network segment 10.110.10.0/24. The IP address 1.1.1.1 is configured in the NAT address pool.

<Huawei> system-view
[Huawei] acl number 2001
[Huawei-acl-basic-2001] rule permit source 10.110.10.0 0.0.0.255
[Huawei-acl-basic-2001] quit
[Huawei] nat address-group 1 1.1.1.1 1.1.1.1
[Huawei] interface gigabitethernet 0/0/1
[Huawei-Gigabitethernet0/0/1] nat outbound 2001 address-group 1
[Huawei-Gigabitethernet0/0/1] quit

After completing the NAT address pool configuration, check the routing table. A UNR with the priority of 64 is added to the table.

[Huawei] display ip routing-table
Route Flags:Route Flags: R - relay, D - download to fib                         
------------------------------------------------------------------------------  
Routing Tables: Public                                                          
         Destinations : 5        Routes : 5                                     

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface      

        1.1.1.1/32  Unr     64   0           D   127.0.0.1       InLoopBack0    
      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

Run the ip route-static command to configure a static route with the destination IP address 1.1.1.1. After completing the configuration, check the routing table.

[Huawei] ip route-static 1.1.1.1 32 192.168.200.100
[Huawei] display ip routing-table
Route Flags: R - relay, D - download to fib                                     
------------------------------------------------------------------------------  
Routing Tables: Public                                                          
         Destinations : 6       Routes : 6                                    

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface      

        1.1.1.1/32  Static  60   0          RD   192.168.200.100 GigabitEthernet0/0/0
        1.1.1.1/32  Unr     64   0           D   127.0.0.1       InLoopBack0    
      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

As shown in the preceding routing table, a static route with the destination IP address 1.1.1.1 is added. The router then uses this static route to forward packets sent to the IP address in the address pool.