Creating a DNAT Rule

Function

This API is used to create a DNAT rule.

Note

You can create a DNAT rule only when status of the NAT gateway is set to ACTIVE and admin_state_up of the NAT gateway administrator to True. Either port_id or private_ip is used each time. If you create a rule that applies to all port types, set internal_service_port to 0, external_service_port to 0, and protocol to ANY.

URI

POST /v2.0/dnat_rules

Request

Table 1 describes the request parameter.

Table 1 Request parameter

Parameter	Mandatory	Type	Description
dnat_rule	Yes	Object	Specifies the DNAT rule object. For details, see Table 2.

Table 2 Description of the dnat_rule field

Parameter	Mandatory	Type	Description
nat_gateway_id	Yes	String	Specifies the NAT gateway ID.
port_id	No	String	Specifies the port ID of the server (ECS). Either this parameter or private_ip must be specified. When the DNAT rule is used in the VPC scenario, use this parameter.
private_ip	No	String	Specifies the private IP address, for example, the IP address of an on-premises network connected by a Direct Connect connection. This parameter and port_id are alternative. When the DNAT rule is used in the Direct Connect scenario, use this parameter.
internal_service_port	Yes	Integer	Specifies the protocol port number used by the server (ECS) to provide services. Supported range: 0 to 65535
floating_ip_id	Yes	String	Specifies the EIP ID.
external_service_port	Yes	Integer	Specifies the EIP port for providing services accessible from the Internet. Supported range: 0 to 65535
protocol	Yes	String	Specifies the protocol type. TCP, UDP, and ANY are supported. The protocol number of TCP, UDP, and ANY are 6, 17, and 0, respectively.

Note

To map all ports, set internal_service_port and external_service_port to 0 and protocol to ANY or 0.

Response

Table 3 lists response parameters.

Table 3 Response parameter

Parameter	Type	Description
dnat_rule	Object	Specifies the DNAT rule object. For details, see Table 4.

Table 4 Description of the dnat_rule field

Parameter	Type	Description
id	String	Specifies the DNAT rule ID.
tenant_id	String	Specifies the project ID.
nat_gateway_id	String	Specifies the NAT gateway ID.
port_id	String	Specifies the port ID of the server (ECS). This parameter is used in VPC scenarios. Either this parameter or private_ip must be specified.
private_ip	String	Specifies the IP address of an on-premises network connected by a Direct Connect connection. This parameter is used in the Direct Connect scenario. This parameter and port_id are alternative.
internal_service_port	Integer	Specifies the protocol port number used by the server (ECS) to provide services.
floating_ip_id	String	Specifies the EIP ID.
floating_ip_address	String	Specifies the EIP address.
external_service_port	Integer	Specifies the EIP port for providing services accessible from the Internet.
protocol	String	Specifies the protocol type. TCP, UDP, and ANY are supported. The protocol number of TCP, UDP, and ANY are 6, 17, and 0, respectively.
status	String	Specifies the status of the DNAT rule. For details about all its values, see Table 1.
admin_state_up	Boolean	Specifies whether the NAT gateway is up or down. The state can be: true: The DNAT rule is enabled. false: The DNAT rule is disabled.
created_at	String	Specifies when the DNAT rule is created (UTC time). Its value rounds to 6 decimal places for seconds. The format is yyyy-mm-dd hh:mm:ss.ffffff.

Examples

• Example request

  1. Create a rule for a specified port.

     POST https://{Endpoint}/v2.0/dnat_rules
     {
         "dnat_rule": {
             "floating_ip_id": "bf99c679-9f41-4dac-8513-9c9228e713e1",
             "nat_gateway_id": "cda3a125-2406-456c-a11f-598e10578541",
             "port_id": "9a469561-daac-4c94-88f5-39366e5ea193",
             "internal_service_port": 993,
             "protocol": "tcp",
             "external_service_port": 242
         }
     }
     

  2. Create a rule for all ports.

     POST https://{Endpoint}/v2.0/dnat_rules
     {
         "dnat_rule": {
             "floating_ip_id": "Cf99c679-9f41-4dac-8513-9c9228e713e1",
             "nat_gateway_id": "Dda3a125-2406-456c-a11f-598e10578541",
             "private_ip": "192.168.1.100",
             "internal_service_port": 0,
             "protocol": "any",
             "external_service_port": 0
         }
     }
     

• Example response

  1. Create a response for a specified port.

     {
         "dnat_rule": {
             "floating_ip_id": "bf99c679-9f41-4dac-8513-9c9228e713e1",
             "status": "ACTIVE",
             "nat_gateway_id": "cda3a125-2406-456c-a11f-598e10578541",
             "admin_state_up": true,
             "port_id": "9a469561-daac-4c94-88f5-39366e5ea193",
             "internal_service_port": 993,
             "protocol": "tcp",
             "tenant_id": "abc",
             "created_at": "2017-11-15 15:44:42.595173",
             "id": "79195d50-0271-41f1-bded-4c089b2502ff",
             "floating_ip_address": "5.21.11.226",
             "external_service_port": 242,
             "private_ip": ""
         }
     }
     

  2. Create a response for all ports.

     {
         "dnat_rule": {
             "floating_ip_id": "cf99c679-9f41-4dac-8513-9c9228e713e1",
             "status": "ACTIVE",
             "nat_gateway_id": "dda3a125-2406-456c-a11f-598e10578541",
             "admin_state_up": true,
             "private_ip": "192.168.1.100",
             "internal_service_port": 0,
             "protocol": "any",
             "tenant_id": "abc",
             "created_at": "2017-11-15 15:44:42.595173",
             "id": "79195d50-0271-41f1-bded-4c089b2502ff",
             "floating_ip_address": "5.21.11.227",
             "external_service_port": 0
         }
     }
     

Status Code

See Status Codes.

last updated: 2024-11-08 14:15 UTC - commit: 52122061fae9bed690784e816eccd223e382978d