| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| en:dpi:opt_cgnat:сgnat_settings [2024/10/14 11:07] – [Additional Settings] elena.krasnobryzh | en:dpi:opt_cgnat:сgnat_settings [2024/11/29 10:33] (current) – elena.krasnobryzh |
|---|
| | {{tag>Services "Service 11" NAT CG-NAT}} |
| ====== Settings and management ====== | ====== Settings and management ====== |
| {{indexmenu_n>2}} | {{indexmenu_n>2}} |
| |
| <code bash>nat_transcode_cidr=201.201.210.0/24,201.210.210.0/29</code> | <code bash>nat_transcode_cidr=201.201.210.0/24,201.210.210.0/29</code> |
| The description of the parameter can be found in the [[https://wiki.vasexperts.ru/doku.php?id=en:dpi:opt_cgnat:сgnat_settings&do=edit#parameters_and_possible_values|table]] below.\\ | The description of the parameter can be found in the [[en:dpi:opt_cgnat:сgnat_settings#parameters_and_possible_values|table]] below.\\ |
| The ''nat_transcode_cidr'' parameter is **only** relevant when using the new distribution method **AND** using NAT 1:1. In other cases this parameter is not taken into account and is not considered an error. | The ''nat_transcode_cidr'' parameter is **only** relevant when using the new distribution method **AND** using NAT 1:1. In other cases this parameter is not taken into account and is not considered an error. |
| |
| =====Parameters and possible values===== | =====Parameters and possible values===== |
| ^ NAT profile parameters ^^ | ^ NAT profile parameters ^^ |
| ^ Parameter ^ Value ^ | ^ Parameter ^ Value ^ |
| | ''nat_ip_pool''\\ string | A range of external IP addresses in CIDR format. The pool size should **not be smaller** than [[en:dpi:opt_cgnat:faq#why_an_address_pool_of_at_least_2_or_4_addresses_is_recommended_to_create|the number of worker threads]]. | | | ''nat_ip_pool''\\ string | A range of external IP addresses in CIDR format. The pool size should **not be smaller** than [[en:dpi:faq:cgnat|the number of worker threads]]. | |
| | ''nat_tcp_max_sessions''\\ integer | The maximum number of TCP sessions a subscriber can create.\\ Default: 2000. | | | ''nat_tcp_max_sessions''\\ integer | The maximum number of TCP sessions a subscriber can create.\\ Default: 2000. | |
| | ''nat_udp_max_sessions''\\ integer | The maximum number of UDP sessions a subscriber can create.\\ Default: 2000. | | | ''nat_udp_max_sessions''\\ integer | The maximum number of UDP sessions a subscriber can create.\\ Default: 2000. | |
| | ''nat_type''\\ integer | Sets the type of profile.\\ Choices:\\ ''0'' --- CGNAT;\\ ''1'' --- NAT 1:1. | | | ''nat_type''\\ integer | Sets the type of profile.\\ Choices:\\ ''0'' --- CGNAT;\\ ''1'' --- NAT 1:1. | |
| | ''nat_ports''\\ string | The range of ports used for translation on external addresses.\\ Default: 1024-65535. | | | ''nat_ports''\\ string | The range of ports used for translation on external addresses.\\ Default: 1024-65535. | |
| |
| ^ fastdpi.conf parameters || | ^ fastdpi.conf parameters ^^ |
| ^ Parameter ^ Value ^ | ^ Parameter ^ Value ^ |
| | ''nat_max_profiles''\\ integer | Maximum number of profiles with pool parameters.\\ Default: 4.\\ Max: 65000 (if sufficient RAM is available). | | | ''nat_max_profiles''\\ integer | Maximum number of profiles with pool parameters.\\ Default: 4.\\ Max: 65000 (if sufficient RAM is available). | |
| | ''nat_private_cidr''\\ string | Specifies additional private address ranges in addition to the standard ranges((Standard ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 100.64.0.0/10)).\\ Max: 4 ranges. | | | ''nat_private_cidr''\\ string | Specifies additional private address ranges in addition to the standard ranges((Standard ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 100.64.0.0/10)).\\ Max: 4 ranges. | |
| | ''lifetime_flow''\\ integer | Specifies the short queue time in seconds for TCP SYN, FIN, UDP.\\ Default: 60. | | | ''lifetime_flow''\\ integer | Specifies the short queue time in seconds for TCP SYN, FIN, UDP.\\ Default: 60. | |
| | ''lifetime_flow_long''\\ integer | Specifies the long queue time in seconds for a TCP DATA established connection.\\ Default: 300. | | | ''lifetime_flow_long''\\ integer | Specifies the long queue time in seconds for a TCP DATA established connection. SSG controls flags in TCP connections (FIN, RST) when connections are closed and connections are put into a short queue.\\ Default: 300. | |
| | ''nat_whp_lifetime''\\ integer | Specifies the short queue time in seconds for NAT broadcast for TCP SYN, FIN, UDP. This parameter overrides ''lifetime_flow'' for NAT broadcasts only.\\ Default: 75. | | | ''nat_whp_lifetime''\\ integer | Specifies the short queue time in seconds for NAT broadcast for TCP SYN, FIN, UDP. This parameter overrides ''lifetime_flow'' for NAT broadcasts only. \\ Default: 75. | |
| | ''nat_whp_lifetime_long''\\ integer | Specifies the long queue time in seconds for NAT broadcast for a TCP DATA established connection. This parameter overrides ''lifetime_flow_long'' for NAT broadcasts only.\\ Default: 375. | | | ''nat_whp_lifetime_long''\\ integer | Specifies the long queue time in seconds for NAT broadcast for a TCP DATA established connection. This parameter overrides ''lifetime_flow_long'' for NAT broadcasts only. SSG controls flags in TCP connections (FIN, RST) when connections are closed and connections are put into a short queue.\\ Default: 375. | |
| | ''nat_transcode_cidr''\\ string\\ //Add in 12.0// | Specifies the CIDR of the operator's public addresses. \\ Only 2 CIDRs can be specified (in case of using more CIDRs, it is acceptable to specify a wider CIDR). The values are used when transcoding public -> private for NAT 1:1. Any public address can be assigned to a private address for NAT 1:1. | | | ''nat_transcode_cidr''\\ string\\ //Add in 12.0// | Specifies the CIDR of the operator's public addresses. \\ Only 2 CIDRs can be specified (in case of using more CIDRs, it is acceptable to specify a wider CIDR). The values are used when transcoding public -> private for NAT 1:1. Any public address can be assigned to a private address for NAT 1:1. | |
| | ''rx_dispatcher''\\ integer \\ //Add in 12.0// | The method of hashing flow by workflow.\\ Choices:\\ ''0'' --- previous method ← (default). ''(IP_SRC+IP_DST)%N ) & IP_MASK''\\ ''1'' --- a method with uniform balancing over an arbitrary number of flows **with** NAT 1:1 support with the requirement to assign specific addresses. ''(CRC(IP_SRC)%N+CRC(IP_DST)%N)%N''\\ ''2'' --- a method with uniform balancing over an arbitrary number of flows **without** NAT 1:1 support with the requirement to assign specific addresses. | | | ''rx_dispatcher''\\ integer \\ //Add in 12.0// | The method of hashing flow by workflow.\\ Choices:\\ ''0'' --- previous method ← (default). ''(IP_SRC+IP_DST)%N ) & IP_MASK''\\ ''1'' --- a method with uniform balancing over an arbitrary number of flows **with** NAT 1:1 support with the requirement to assign specific addresses. ''(CRC(IP_SRC)%N+CRC(IP_DST)%N)%N''\\ ''2'' --- a method with uniform balancing over an arbitrary number of flows **without** NAT 1:1 support with the requirement to assign specific addresses. | |
