ACLs Applied to NAT

A NAT instance distributes user packets to different NAT address pools for address translation according to ACL matching in the command line. Addresses can be selected from the corresponding NAT address pool to perform NAT for packets only when the packets match the specified ACL rule and the action defined for the rule is permit.

Table 1 Matching Principle of ACLs Applied to NAT
ACL Matching Result Processing Result of NAT
The packet matches the permit rule NAT is executed
The packet matches the deny rule NAT is not executed, the packet is forwarded directly.
The packet mismatches all rules
The relative ACL does not exist NAT is not executed, all packet are forwarded directly.
The relative ACL exists but there is no rule in the ACL
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >