You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cloudstack.apache.org by Koushik Das <ko...@citrix.com> on 2013/06/03 17:33:07 UTC

StaticNatRule vs StaticNat

What is the difference between these interfaces? I see that StaticNat is used in network elements. And StaticNatRule used elsewhere including APIs. Given that PF and FW rules uses a single interface everywhere, should a similar thing be there for static nat rules as well?

-Koushik

Re: StaticNatRule vs StaticNat

Posted by Alena Prokharchyk <Al...@citrix.com>.

On 6/3/13 8:33 AM, "Koushik Das" <ko...@citrix.com> wrote:

>What is the difference between these interfaces? I see that StaticNat is
>used in network elements.

StaticNat maps user VM to the Public IP address.

>And StaticNatRule used elsewhere including APIs.

Legacy code. In 2.1.x version of the CS there were no Firewall Rules, and
to give an access to certain port of the VM mapped to the Public IP via
StaticNat, createIpForwardingRule API command had to be called. The rule
created through this command, had a purpose StaticNat in firewall_rules
table, and used StaticNatRule interface.

> Given that PF and FW rules uses a single interface everywhere, should a
>similar thing be there for static nat rules as well?

Be careful as customers upgraded from 2.1.x CS, might have rules with
StaticNat Purpose. If you decide to revoke corresponding code, make sure
to fix the DB upgrade scripts to transform rules with the StaticNat
purpose, to the rules with Firewall purpose.

>
>-Koushik
>