VALID NAT POOL



  • Hi,

    Can you use the network address and broadcast address of your public IP block as part of the NAT pool?

    For example, given the public subnet xx.xxx.196.0/30,

    can you use the following as the address pool for NAT?

    xx.xxx.196.0 ( network )
    xx.xxx.196.1
    xx.xxx.196.2
    xx.xxx.196.3 ( broadcast )

    Thanks!



  • Try it and see what happens.  However, I don't think you want to do that, even if it is possible.  Those addresses are not supposed to be assigned to devices.  Why would you even want to?
    BTW, I just took a look and those addresses are excluded from the available range.


  • Rebel Alliance Developer Netgate

    It entirely depends on the context.

    If you use that subnet on an interface directly, then no, those cannot be used.

    If your ISP has routed a subnet to you and you do not have it defined on an interface nor have any CARP or alias VIPs defined, you can use the entire subnet including the network and broadcast addresses for NAT.

    So for example:

    This will NOT work using the network or broadcast:

    x.x.x.0/30 - network
    x.x.x.1 - ISP
    x.x.x.2 - You
    x.x.x.3 - Broadcast

    This will work:

    The above on WAN, plus y.y.y.0/30 routed to x.x.x.2, then set y.y.y.0/30 as an outbound NAT subnet
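
Added example, not part of the original thread and not pfSense code: a Python sketch of the distinction drawn in the reply above, filtering a candidate NAT pool against the subnets defined directly on an interface or VIP. The function name and the documentation prefixes (198.51.100.0/30 standing in for x.x.x.0/30, 203.0.113.0/30 for y.y.y.0/30) are assumptions.

```python
import ipaddress


def usable_nat_addresses(pool, on_link_subnets, taken=()):
    """Return the addresses in `pool` usable as NAT translation addresses.

    pool            -- candidate NAT pool, CIDR string
    on_link_subnets -- subnets configured directly on an interface or VIP
    taken           -- addresses held by other hosts (e.g. the ISP gateway)
    """
    excluded = {ipaddress.ip_address(a) for a in taken}
    for subnet in on_link_subnets:
        net = ipaddress.ip_network(subnet)
        # Only an on-link subnet reserves its first and last address.
        # /31 and /32 have no separate network/broadcast address.
        if net.prefixlen < 31:
            excluded.add(net.network_address)
            excluded.add(net.broadcast_address)
    # Iterating an ip_network yields every address, including the
    # network and broadcast addresses (unlike .hosts()).
    return [str(a) for a in ipaddress.ip_network(pool) if a not in excluded]


if __name__ == "__main__":
    wan = "198.51.100.0/30"     # constructed: the WAN transit subnet
    routed = "203.0.113.0/30"   # constructed: subnet the ISP routes to .2

    # Pool taken from the WAN subnet itself: .0 and .3 are reserved
    # on-link, and .1 belongs to the ISP, so only .2 remains.
    print(usable_nat_addresses(wan, [wan], taken=["198.51.100.1"]))

    # Routed subnet, not defined on any interface: all four addresses
    # are plain routed destinations and can be used for outbound NAT.
    print(usable_nat_addresses(routed, [wan], taken=["198.51.100.1"]))
```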



  • Thanks for the responses!

    Will be trying out the following as suggested by jimp:

    "The above on WAN, plus y.y.y.0/30 routed to x.x.x.2, then set y.y.y.0/30 as an outbound NAT subnet"