Configuring NAT on an Ethernet Interface
Configuring Outside Nat Interface
Configuring Outside Nat Interface
POST http://<mgmt0_IP>/api/mo/sys.json
{
"topSystem": {
"children": [
{
"natEntity": {
"children": [
{
"natInst": {
"children": [
{
"natDom": {
"attributes": {
"name": "default"
},
"children": [
{
"natIf": {
"attributes": {
"id": "eth1/2",
"natIf": "ip-nat-outside"
}
}
}
]
}
}
]
}
}
]
}
},
{
"interfaceEntity": {
"children": [
{
"l1PhysIf": {
"attributes": {
"id": "eth1/2"
}
}
}
]
}
}
]
}
}
{
imdata:[]
}
<System>
<nat-items>
<inst-items>
<dom-items>
<Dom-list>
<name>default</name>
<if-items>
<If-list>
<id>eth1/2</id>
<natIf>ip-nat-outside</natIf>
</If-list>
</if-items>
</Dom-list>
</dom-items>
</inst-items>
</nat-items>
<intf-items>
<phys-items>
<PhysIf-list>
<id>eth1/2</id>
</PhysIf-list>
</phys-items>
</intf-items>
</System>
Note: This example was added in Release 9.3(1).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
interface ethernet 1/2
ip nat outside
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| interfaceEntity | sys/intf |
| l1PhysIf | sys/intf/phys-[eth1/2] |
| natDom | sys/nat/inst/dom-default |
| natEntity | sys/nat |
| natInst | sys/nat/inst |
natDom Properties
The following table contains information about the natDom properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| name | naming:Name256 string:Basic | The name of the object. | RANGE: Min: "1" Max: "128" |
natIf Properties
The following table contains information about the natIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
| natIf | nat:NatTrafficDir (scalar:Enum8) | NAT interface config inside/outside | SELECTION: 0 - ip-nat-invalid 1 - ip-nat-inside 2 - ip-nat-outside |
l1PhysIf Properties
The following table contains information about the l1PhysIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
For detailed information about classes and attributes in the payload, see the NX-API DME Model Reference: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Deleting Outside Nat Interface
Deleting Outside Nat Interface
POST http://<mgmt0_IP>/api/mo/sys.json
{
"topSystem": {
"children": [
{
"natEntity": {
"children": [
{
"natInst": {
"children": [
{
"natDom": {
"attributes": {
"name": "default"
},
"children": [
{
"natIf": {
"attributes": {
"id": "eth1/2",
"status": "deleted"
}
}
}
]
}
}
]
}
}
]
}
},
{
"interfaceEntity": {
"children": [
{
"l1PhysIf": {
"attributes": {
"id": "eth1/2"
}
}
}
]
}
}
]
}
}
{
imdata:[]
}
<System>
<nat-items>
<inst-items>
<dom-items>
<Dom-list>
<name>default</name>
<if-items>
<If-list xc:operation="delete">
<id>eth1/2</id>
</If-list>
</if-items>
</Dom-list>
</dom-items>
</inst-items>
</nat-items>
<intf-items>
<phys-items>
<PhysIf-list>
<id>eth1/2</id>
</PhysIf-list>
</phys-items>
</intf-items>
</System>
Note: This example was added in Release 9.3(1).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
interface ethernet 1/2
no ip nat outside
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| interfaceEntity | sys/intf |
| l1PhysIf | sys/intf/phys-[eth1/2] |
| natDom | sys/nat/inst/dom-default |
| natEntity | sys/nat |
| natIf | sys/nat/inst/dom-default/if-[eth1/2] |
| natIf | sys/nat/inst/dom-default/if-[po123] |
| natIf | sys/nat/inst/dom-default/if-[vlan1] |
| natInst | sys/nat/inst |
natDom Properties
The following table contains information about the natDom properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| name | naming:Name256 string:Basic | The name of the object. | RANGE: Min: "1" Max: "128" |
natIf Properties
The following table contains information about the natIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
| status | mo:ModificationStatus (scalar:Bitmask32) | Modification status | SELECTION: 2 - created 4 - modified 8 - deleted 16 - replaced |
l1PhysIf Properties
The following table contains information about the l1PhysIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
For detailed information about classes and attributes in the payload, see the NX-API DME Model Reference: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring Inside Nat Interface
Configuring Inside Nat Interface
POST http://<mgmt0_IP>/api/mo/sys.json
{
"topSystem": {
"children": [
{
"natEntity": {
"children": [
{
"natInst": {
"children": [
{
"natDom": {
"attributes": {
"name": "default"
},
"children": [
{
"natIf": {
"attributes": {
"id": "eth1/2",
"natIf": "ip-nat-inside"
}
}
}
]
}
}
]
}
}
]
}
},
{
"interfaceEntity": {
"children": [
{
"l1PhysIf": {
"attributes": {
"id": "eth1/2"
}
}
}
]
}
}
]
}
}
{
imdata:[]
}
<System>
<nat-items>
<inst-items>
<dom-items>
<Dom-list>
<name>default</name>
<if-items>
<If-list>
<id>eth1/2</id>
<natIf>ip-nat-inside</natIf>
</If-list>
</if-items>
</Dom-list>
</dom-items>
</inst-items>
</nat-items>
<intf-items>
<phys-items>
<PhysIf-list>
<id>eth1/2</id>
</PhysIf-list>
</phys-items>
</intf-items>
</System>
Note: This example was added in Release 9.3(1).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
interface ethernet 1/2
ip nat inside
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| interfaceEntity | sys/intf |
| l1PhysIf | sys/intf/phys-[eth1/2] |
| natDom | sys/nat/inst/dom-default |
| natEntity | sys/nat |
| natInst | sys/nat/inst |
natDom Properties
The following table contains information about the natDom properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| name | naming:Name256 string:Basic | The name of the object. | RANGE: Min: "1" Max: "128" |
natIf Properties
The following table contains information about the natIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
| natIf | nat:NatTrafficDir (scalar:Enum8) | NAT interface config inside/outside | SELECTION: 0 - ip-nat-invalid 1 - ip-nat-inside 2 - ip-nat-outside |
l1PhysIf Properties
The following table contains information about the l1PhysIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
For detailed information about classes and attributes in the payload, see the NX-API DME Model Reference: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Deleting Inside Nat Interface
Deleting Inside Nat Interface
POST http://<mgmt0_IP>/api/mo/sys.json
{
"topSystem": {
"children": [
{
"natEntity": {
"children": [
{
"natInst": {
"children": [
{
"natDom": {
"attributes": {
"name": "default"
},
"children": [
{
"natIf": {
"attributes": {
"id": "eth1/2",
"status": "deleted"
}
}
}
]
}
}
]
}
}
]
}
},
{
"interfaceEntity": {
"children": [
{
"l1PhysIf": {
"attributes": {
"id": "eth1/2"
}
}
}
]
}
}
]
}
}
{
imdata:[]
}
<System>
<nat-items>
<inst-items>
<dom-items>
<Dom-list>
<name>default</name>
<if-items>
<If-list xc:operation="delete">
<id>eth1/2</id>
</If-list>
</if-items>
</Dom-list>
</dom-items>
</inst-items>
</nat-items>
<intf-items>
<phys-items>
<PhysIf-list>
<id>eth1/2</id>
</PhysIf-list>
</phys-items>
</intf-items>
</System>
Note: This example was added in Release 9.3(1).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
interface ethernet 1/2
no ip nat inside
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| interfaceEntity | sys/intf |
| l1PhysIf | sys/intf/phys-[eth1/2] |
| natDom | sys/nat/inst/dom-default |
| natEntity | sys/nat |
| natIf | sys/nat/inst/dom-default/if-[eth1/2] |
| natIf | sys/nat/inst/dom-default/if-[po123] |
| natIf | sys/nat/inst/dom-default/if-[vlan1] |
| natInst | sys/nat/inst |
natDom Properties
The following table contains information about the natDom properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| name | naming:Name256 string:Basic | The name of the object. | RANGE: Min: "1" Max: "128" |
natIf Properties
The following table contains information about the natIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
| status | mo:ModificationStatus (scalar:Bitmask32) | Modification status | SELECTION: 2 - created 4 - modified 8 - deleted 16 - replaced |
l1PhysIf Properties
The following table contains information about the l1PhysIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
For detailed information about classes and attributes in the payload, see the NX-API DME Model Reference: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring Inside Nat Interface in a Non-Default VRF
Configuring Inside Nat Interface in a Non-Default VRF
POST http://<mgmt0_IP>/api/mo/sys.json
{
"topSystem": {
"children": [
{
"natEntity": {
"children": [
{
"natInst": {
"children": [
{
"natDom": {
"attributes": {
"name": "BLUE"
},
"children": [
{
"natIf": {
"attributes": {
"id": "eth1/2",
"natIf": "ip-nat-inside"
}
}
}
]
}
}
]
}
}
]
}
},
{
"interfaceEntity": {
"children": [
{
"l1PhysIf": {
"attributes": {
"id": "eth1/2"
},
"children": [
{
"nwRtVrfMbr": {
"attributes": {
"tDn": "sys/inst-BLUE"
}
}
}
]
}
}
]
}
}
]
}
}
{
imdata:[]
}
<System>
<nat-items>
<inst-items>
<dom-items>
<Dom-list>
<name>BLUE</name>
<if-items>
<If-list>
<id>eth1/2</id>
<natIf>ip-nat-inside</natIf>
</If-list>
</if-items>
</Dom-list>
</dom-items>
</inst-items>
</nat-items>
<intf-items>
<phys-items>
<PhysIf-list>
<id>eth1/2</id>
<rtvrfMbr-items>
<tDn>/System/inst-items/Inst-list[name='BLUE']</tDn>
</rtvrfMbr-items>
</PhysIf-list>
</phys-items>
</intf-items>
</System>
Note: This example was added in Release 9.3(1).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
interface ethernet 1/2
vrf member BLUE
ip nat inside
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| topSystem | sys |
| natEntity | sys/nat |
| natInst | sys/nat/inst |
| natDom | sys/nat/inst/dom-BLUE |
| natIf | sys/nat/inst/dom-BLUE/if-[eth1/2] |
| interfaceEntity | sys/intf |
| l1PhysIf | sys/intf/phys-[eth1/2] |
| nwRtVrfMbr | sys/intf/phys-[eth1/2]/rtvrfMbr |
natDom Properties
The following table contains information about the natDom properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| name | naming:Name256 string:Basic | The name of the object. | RANGE: Min: "1" Max: "128" |
natIf Properties
The following table contains information about the natIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
| natIf | nat:NatTrafficDir (scalar:Enum8) | NAT interface config inside/outside | SELECTION: 0 - ip-nat-invalid 1 - ip-nat-inside 2 - ip-nat-outside |
l1PhysIf Properties
The following table contains information about the l1PhysIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
nwRtVrfMbr Properties
The following table contains information about the nwRtVrfMbr properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| tDn | reln:Dn reference:BinRef | The distinguished name of the target. |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Deleting a Configured Inside Nat Interface in a Non-Default VRF
Deleting a Configured Inside Nat Interface in a Non-Default VRF
POST http://<mgmt0_IP>/api/mo/sys.json
{
"topSystem": {
"children": [
{
"natEntity": {
"children": [
{
"natInst": {
"children": [
{
"natDom": {
"attributes": {
"name": "BLUE"
},
"children": [
{
"natIf": {
"attributes": {
"id": "eth1/2",
"status": "deleted"
}
}
}
]
}
}
]
}
}
]
}
},
{
"interfaceEntity": {
"children": [
{
"l1PhysIf": {
"attributes": {
"id": "eth1/2"
},
"children": [
{
"nwRtVrfMbr": {
"attributes": {
"tDn": "sys/inst-BLUE"
}
}
}
]
}
}
]
}
}
]
}
}
{
imdata:[]
}
<System>
<nat-items>
<inst-items>
<dom-items>
<Dom-list>
<name>BLUE</name>
<if-items>
<If-list nc:operation="delete">
<id>eth1/2</id>
</If-list>
</if-items>
</Dom-list>
</dom-items>
</inst-items>
</nat-items>
<intf-items>
<phys-items>
<PhysIf-list>
<id>eth1/2</id>
<rtvrfMbr-items>
<tDn>/System/inst-items/Inst-list[name='BLUE']</tDn>
</rtvrfMbr-items>
</PhysIf-list>
</phys-items>
</intf-items>
</System>
Note: This example was added in Release 9.3(1).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
interface ethernet 1/2
vrf member BLUE
no ip nat inside
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| topSystem | sys |
| natEntity | sys/nat |
| natInst | sys/nat/inst |
| natDom | sys/nat/inst/dom-BLUE |
| natIf | sys/nat/inst/dom-BLUE/if-[eth1/2] |
| interfaceEntity | sys/intf |
| l1PhysIf | sys/intf/phys-[eth1/2] |
| nwRtVrfMbr | sys/intf/phys-[eth1/2]/rtvrfMbr |
natDom Properties
The following table contains information about the natDom properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| name | naming:Name256 string:Basic | The name of the object. | RANGE: Min: "1" Max: "128" |
natIf Properties
The following table contains information about the natIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
| status | mo:ModificationStatus (scalar:Bitmask32) | Modification status | SELECTION: 2 - created 4 - modified 8 - deleted 16 - replaced |
l1PhysIf Properties
The following table contains information about the l1PhysIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) | An identifier . | Must match first field in the output of `show intf brief`. Example: Eth1/1 or Vlan100 |
nwRtVrfMbr Properties
The following table contains information about the nwRtVrfMbr properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| tDn | reln:Dn reference:BinRef | The distinguished name of the target. |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide: