vRealize Automation – vCAC 6.1 – Creating a One to Many NAT Network Profile

When configuring a NAT Network Profile you have two options.  You can configure a one-to-one or a one-to-many.  Here we are going to walk through creating a one-to-many NAT Network Profile.  One-to-many NAT network are networks that do source NAT only.  This will allow any machine provisioned onto the network to communicate out of the network under one IP address, however there is no NAT translation configured to come into the network for any services.  When you use a one-to-many NAT network profile in a Multi-Machine Blueprint an NSX Edge Gateway will be deployed, however routing will not be enabled and a Source NAT rule and relevant firewall rules will be created. NAT network get IP address from a pool of IP’s that will be reused over and over again for each deployment.  The nature of NAT let’s us reuse the IP’s because the different apps being deployed will all communicate using unique IP address on the outside of the provisioned Edge Gateway.  Although I am using a class C network in my example I really don’t need to.  If I will never have more than six machines on the NAT network I could use a /29 network if I wanted to, but for simplicity I used a class C and assigned a fairly large range……just in case 😉

 

In the below diagram I’m going to represent the orange network as a one-to-many NAT network.  All machines provisioned behind the router will get an IP address from the NAT Pool and all will SNAT to the upstream network as the external IP address of the router.  The external IP is assigned from the External Network Profile that is assigned to the NAT Network Profile.

image

 

Creating a One-To Many NAT Network Profile.

1. Navigate to Infrastructure –> Reservations –> Network Profiles, then hover over New Network Profile and select NAT.

image

2. Assign a Name, then select the External Network profile that will be used to assign the external IP address of the NSX Edge Gateway, next select the NAT type of One-to-Many, assign the subnet mask (Remember this only needs to be as large as you will need behind any NAT network you deploy.) then assign the default gateway.  When finished select the IP Ranges tab at the top.

image

3. Select New Network Range, assign it a Name, and input the starting and ending IP address.  Again although I’m using a large range on a class C network you don’t need to.  You can utilize a smaller range is that is all that you need.  Once finished click OK to save the One-To-Many Nat Network Profile.

image

 

Leave a Reply