Help Center> NAT Gateway> API Reference> API v2> DNAT Rules> Creating a DNAT Rule

Creating a DNAT Rule

Function

This API is used to create a DNAT rule.

You can create a DNAT rule only when status of the NAT gateway is set to ACTIVE and admin_state_up of the NAT gateway administrator to True. Either port_id or private_ip is used each time. If you create a rule that applies to all port types, set internal_service_port to 0, external_service_port to 0, and protocol to ANY.

URI

POST /v2/{project_id}/dnat_rules

**Table 1** Parameter description
Parameter	Mandatory	Type	Description
project_id	Yes	String	Specifies the project ID.

Request

Table 2 lists the request parameters.

**Table 2** Request parameter
Parameter	Mandatory	Type	Description
dnat_rule	Yes	Object	Specifies the DNAT rule object. For details, see Table 3.

**Table 3** Description of the **dnat_rule** field
Parameter	Mandatory	Type	Description
nat_gateway_id	Yes	String	Specifies the NAT gateway ID.
port_id	No	String	Specifies the port ID of an ECS or a BMS. This parameter and private_ip are alternative. For details about how to obtain the port ID of an ECS, see Binding a Virtual IP Address to an ECS NIC. For details about how to obtain the port ID of a BMS, see Querying IP Addresses of BMSs (Native OpenStack API).
private_ip	No	String	Specifies the private IP address of a user, for example, the IP address of a VPC for Direct Connect connection. This parameter and port_id are alternative.
internal_service_port	Yes	Integer	Specifies the port used by ECSs or BMSs to provide services for external systems. For details, see Which Ports Cannot Be Accessed? The value ranges from 0 to 65535.
floating_ip_id	Yes	String	Specifies the EIP ID. For details about how to obtain the EIP ID, see Querying EIPs.
external_service_port	Yes	Integer	Specifies the port for providing external services. For details, see Which Ports Cannot Be Accessed? The value ranges from 0 to 65535.
protocol	Yes	String	Specifies the protocol type. Currently, TCP, UDP, and ANY are supported. The protocol number of TCP, UDP, and ANY are 6, 17, and 0, respectively.
description	No	String	Provides supplementary information about the DNAT rule.
internal_service_port_range	No	String	Specifies the port range used by ECSs or BMSs to provide services for external systems. The port range is the same as the value of external _service_port_range. The value ranges from 1 to 65535. Specify two port numbers separated by a single hyphen (-) and no blank spaces in the format, x-y, where x is lower than y.
external_service_port_range	No	String	Specifies the port range used by the floating IP address for providing external services. The port range is the same as the value of internal _service_port_range. The value ranges from 1 to 65535. Specify two port numbers separated by a single hyphen (-) and no blank spaces in the format, x-y, where x is lower than y.

Response

Table 4 lists response parameters.

**Table 4** Response parameter
Parameter	Type	Description
dnat_rule	Object	Specifies the DNAT rule object. For details, see Table 5.

**Table 5** Description of the **dnat_rule** field
Parameter	Type	Description
id	String	Specifies the DNAT rule ID.
tenant_id	String	Specifies the project ID.
nat_gateway_id	String	Specifies the NAT gateway ID.
port_id	String	Specifies the port ID of an ECS or a BMS. This parameter and private_ip are alternative. For details about how to obtain the port ID of an ECS, see Binding a Virtual IP Address to an ECS NIC. For details about how to obtain the port ID of a BMS, see Querying IP Addresses of BMSs (Native OpenStack API).
private_ip	String	Specifies the private IP address of a user, for example, the IP address of a VPC for Direct Connect connection.
internal_service_port	Integer	Specifies the port used by ECSs or BMSs to provide services for external systems.
floating_ip_id	String	Specifies the EIP ID.
floating_ip_address	String	Specifies the EIP.
external_service_port	Integer	Specifies the port for providing external services.
protocol	String	Specifies the protocol type. Currently, TCP, UDP, and ANY are supported. The protocol number of TCP, UDP, and ANY are 6, 17, and 0, respectively.
description	String	Provides supplementary information about the DNAT rule.
status	String	Specifies the status of the DNAT rule. For details about all its values, see Table 1.
admin_state_up	Boolean	Specifies the unfrozen or frozen state. The value can be: true: indicates the unfrozen state. false: indicates the frozen state.
created_at	String	Specifies when the DNAT rule is created (UTC time). Its value rounds to 6 decimal places for seconds. The format is yyyy-mm-dd hh:mm:ss.
internal_service_port_range	String	Specifies the port range used by ECSs or BMSs to provide services for external systems. The port range is the same as the value of external _service_port_range. The value ranges from 1 to 65535.
external_service_port_range	String	Specifies the port range used by the floating IP address for providing external services. The port range is the same as the value of internal _service_port_range. The value ranges from 1 to 65535.

Examples

Example request

Create a rule for a specified port.

POST https://{Endpoint}/v2/d199ba7e0ba64899b2e81518104b1526/dnat_rules
{ 
     "dnat_rule": { 
         "floating_ip_id": "bf99c679-9f41-4dac-8513-9c9228e713e1", 
         "nat_gateway_id": "cda3a125-2406-456c-a11f-598e10578541", 
         "port_id": "9a469561-daac-4c94-88f5-39366e5ea193", 
         "internal_service_port": 993, 
         "protocol": "tcp", 
         "external_service_port": 242, 
         "description": "my dnat rule 01"
     } 
 }

Create a rule for all ports.

POST https://{Endpoint}/v2/d199ba7e0ba64899b2e81518104b1526/dnat_rules
{ 
     "dnat_rule": { 
         "floating_ip_id": "Cf99c679-9f41-4dac-8513-9c9228e713e1", 
         "nat_gateway_id": "Dda3a125-2406-456c-a11f-598e10578541", 
         "private_ip": "192.168.1.100", 
         "internal_service_port": 0, 
         "protocol": "any", 
         "external_service_port": 0, 
         "description": "my dnat rule 01" 
     } 
 }

Create a rule based on the specified port range.

POST https://{Endpoint}/v2/d199ba7e0ba64899b2e81518104b1526/dnat_rules
{ 
     "dnat_rule": { 
         "floating_ip_id": "Cf99c679-9f41-4dac-8513-9c9228e713e1", 
         "nat_gateway_id": "Dda3a125-2406-456c-a11f-598e10578541", 
         "private_ip": "192.168.1.100", 
         "internal_service_port": 0, 
         "protocol": "tcp", 
         "external_service_port": 0, 
         "description": "my dnat rule 01" ,
         "external_service_port_range":"100-200",
         "internal_service_port_range":"100-200"
     } 
 }

Example response

Create a response for a specified port.

{          
     "dnat_rule": { 
         "floating_ip_id": "bf99c679-9f41-4dac-8513-9c9228e713e1", 
         "status": "ACTIVE", 
         "nat_gateway_id": "cda3a125-2406-456c-a11f-598e10578541", 
         "admin_state_up": true, 
         "port_id": "9a469561-daac-4c94-88f5-39366e5ea193", 
         "internal_service_port": 993, 
         "protocol": "tcp", 
         "tenant_id": "abc", 
         "created_at": "2017-11-15 15:44:42.595173", 
         "id": "79195d50-0271-41f1-bded-4c089b2502ff", 
         "external_service_port": 242, 
         "floating_ip_address": "5.21.11.226",
         "description": "my dnat rule 01" 
     } 
 }

Create a response for all ports.

{ 
     "dnat_rule": { 
         "floating_ip_id": "cf99c679-9f41-4dac-8513-9c9228e713e1", 
         "status": "ACTIVE", 
         "nat_gateway_id": "dda3a125-2406-456c-a11f-598e10578541", 
         "admin_state_up": true, 
         "private_ip": "192.168.1.100", 
         "internal_service_port": 0, 
         "protocol": "any", 
         "tenant_id": "abc", 
         "created_at": "2017-11-15 15:44:42.595173", 
         "id": "79195d50-0271-41f1-bded-4c089b2502ff", 
         "external_service_port": 0, 
         "floating_ip_address": "5.21.11.227",
         "description": "my dnat rule 01" 
     } 
 }

Create a rule based on the specified port range.

{ 
     "dnat_rule": { 
         "floating_ip_id": "cf99c679-9f41-4dac-8513-9c9228e713e1", 
         "status": "ACTIVE", 
         "nat_gateway_id": "dda3a125-2406-456c-a11f-598e10578541", 
         "admin_state_up": true, 
         "private_ip": "192.168.1.100", 
         "internal_service_port": 0, 
         "protocol": "tcp", 
         "tenant_id": "abc", 
         "created_at": "2017-11-15 15:44:42.595173", 
         "id": "79195d50-0271-41f1-bded-4c089b2502ff", 
         "external_service_port": 0, 
         "floating_ip_address": "5.21.11.227",
         "description": "my dnat rule 01",
         "internal_service_port_range":"100-200",
         "external_service_port_range":"100-200"
     } 
 }

Status Code

See Status Codes.

Parent topic: DNAT Rules

Last Article: DNAT Rules

Next Article: Creating DNAT Rules in Batches

Did this article solve your problem?

Thank you for your score！Your feedback would help us improve the website.

Products

Compute

Application

Dedicated Cloud

Storage

Management & Deployment

Migration

Network

Enterprise Intelligence

Video

Database

Edge Cloud Services

DevCloud

Security

Cloud Communications

Internet of Things

Solutions

Industry-Specific Solutions

General-Purpose Solutions

Security

DevOps

Enterprise Intelligence

Essential Platform

Big Data

Visual Cognition

Speech and Semantics

Support

Help Center

Customer Services

Developers

Console

语言 - Language

中国站 - 简体中文

中国站 - English

International - 简体中文

International - English