/ DOCS
nav-img
Advanced

Creating an SNAT Rule Using a Specific Subnet

Scenarios

This section describes how to create an SNAT rule by calling APIs. For details about how to call APIs, see Calling APIs.

Prerequisites

  • You have created a VPC and a subnet. For details, see Virtual Private Cloud API Reference.
  • Ensure that the VPC does not have a default route.
  • You can create a rule only when status of the NAT gateway is ACTIVE and admin_state_up of the NAT gateway administrator is True.
  • If you use a token for authentication, you must obtain the token and add X-Auth-Token to the request header when making an API call. Obtain the token by referring to Authentication.
Note

The token obtained from IAM is valid for only 24 hours. If you want to use a token for authentication, you can cache it to avoid frequent calling.

Procedure

  1. Create a NAT gateway.

    1. Determine the VPC to be used.
      • Query VPCs.

        URI format: GET /v1/{project_id}/vpcs

        For details, see "Querying VPCs" in the Virtual Private Cloud API Reference.

      • Select a VPC that does not have a default route, and make a note of the VPC ID.
    2. Determine the subnet in the VPC to be used.
      • Query the subnets in the VPC.

        URI format: GET /v1/{project_id}/subnets?vpc_id={vpc_id}

        For details, see "Querying Subnets" in the Virtual Private Cloud API Reference.

      • Select a subnet based on service requirements and make a note of the subnet ID.
    3. Create a NAT gateway.
      • API

        URI format: POST /v2/{project_id}/nat_gateways

        For details, see Creating a NAT Gateway.

      • Example request

        POST https://{Endpoint}/v2/27e25061336f4af590faeabeb7fcd9a3/nat_gateways

        Obtain {endpoint} from Regions and Endpoints.

      • Example response
      {  
          "nat_gateway": {  
              "router_id": "d84f345c-80a1-4fa2-a39c-d0d397c3f09a",  
              "status": "PENDING_CREATE",  
              "description": "my nat gateway 01",  
              "admin_state_up": true,  
              "tenant_id": "27e25061336f4af590faeabeb7fcd9a3",  
              "created_at": "2017-11-18 07:34:32.203044",  
              "spec": "1",  
              "internal_network_id": "89d66639-aacb-4929-969d-07080b0f9fd9",  
              "id": "a78fb3eb-1654-4710-8742-3fc49d5f04f8",  
              "name": "nat_001", 
              "dnat_rules_limit": "200", 
              "snat_rule_public_ip_limit": "20", 
              "enterprise_project_id": "0aad99bc-f5f6-4f78-8404-c598d76b0ed2", 
              "billing_info": "" 
          }  
      }
    4. Ensure that the NAT gateway is successfully created and is in the active state.

      API

      URI format: GET /v2/{project_id}/nat_gateways/{nat_gateway_id}

      For details, see Querying Details of a Specified NAT Gateway.

    5. Make a note of the NAT gateway ID and the value of internal_network_id.

  2. Determine the EIP to be used.

    1. Query EIPs.

      API

      URI format: GET /v1/{project_id}/publicips

      For details, see "Querying EIPs" in the Elastic IP API Reference.

    2. Select an EIP based on service requirements and make a note of the EIP ID.

  3. Create an SNAT rule.

    • API

      URI format: POST /v2/{project_id}/snat_rules

      For details, see Creating an SNAT Rule.

    • Example request

      POST https://{Endpoint}/v2/27e25061336f4af590faeabeb7fcd9a3/snat_rules

      Obtain {endpoint} from Regions and Endpoints.

      Body:

      {
          "snat_rule": {
              "nat_gateway_id": "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
              "network_id": "eaad9cd6-2372-4be1-9535-9bd37210ae7b",
              "source_type": 0,
              "floating_ip_id": "bdc10a4c-d81a-41ec-adf7-de857f7c812a",
              "description": "my snat rule 01"
          }
      }
    • Example response
      {
          "snat_rule": {
              "floating_ip_id": "bdc10a4c-d81a-41ec-adf7-de857f7c812a",
              "status": "PENDING_CREATE",
              "nat_gateway_id": "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
              "admin_state_up": true,
              "network_id": "eaad9cd6-2372-4be1-9535-9bd37210ae7b",
              "description": "",
              "source_type": 0,
              "tenant_id": "27e25061336f4af590faeabeb7fcd9a3",
              "created_at": "2017-11-18 07:54:21.665430",
              "id": "5b95c675-69c2-4656-ba06-58ff72e1d338",
              "floating_ip_address": "5.21.11.226"
          }
      }

  4. Verify that the SNAT rule is successfully created.

    • API

      URI format: GET /v2/{project_id}/snat_rules/{snat_rule_id}

      For details, see Querying Details About a Specified SNAT Rule.

    • Example request

      GET https://{Endpoint}/v2/27e25061336f4af590faeabeb7fcd9a3/snat_rules/5b95c675-69c2-4656-ba06-58ff72e1d338

      Obtain {endpoint} from Regions and Endpoints.

    • Example response
      {
          "snat_rule": {
              "floating_ip_id": "bdc10a4c-d81a-41ec-adf7-de857f7c812a",
              "status": "ACTIVE",
              "nat_gateway_id": "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
              "admin_state_up": true,
              "network_id": "eaad9cd6-2372-4be1-9535-9bd37210ae7b",
              "source_type": 0,
              "tenant_id": "27e25061336f4af590faeabeb7fcd9a3",
              "created_at": "2017-11-18 07:54:21.665430",
              "id": "5b95c675-69c2-4656-ba06-58ff72e1d338",
              "floating_ip_address": "5.21.11.226",
              "freezed_ip_address": "",
              "description": "my snat rule 01"
          }
      }

Parent topic: Application Examples
Предыдущая статья
Application Examples
Следующая статья
Creating a DNAT Rule Using a Specific ECS
Была ли эта статья полезна?
Поддержка Юридические документы
© 2025 Cloud.ru