Help Center> NAT Gateway> API Reference> Application Examples> Example 1: Creating a Public NAT Gateway and Configuring an SNAT Rule
Updated on 2024-03-07 GMT+08:00
Online Debugging
CLI Examples
View PDF

Example 1: Creating a Public NAT Gateway and Configuring an SNAT Rule

Scenarios

This section describes how to create an SNAT rule by calling APIs. For details about how to call APIs, see Calling APIs.

Prerequisites

  • You have created a VPC and a subnet. For details, see Creating a VPC and Subnet for an ECS.
  • Ensure that the VPC does not have a default route. (This restriction does not apply to the CN North-Beijing4 region.)
  • You can create an SNAT rule only when status of the NAT gateway is ACTIVE and admin_state_up of the NAT gateway administrator is True.
  • If you use a token for authentication, you must obtain the token and add X-Auth-Token to the request header when making an API call. Obtain the token by referring to Authentication.

The token obtained from IAM is valid for only 24 hours. If you want to use a token for authentication, you can cache it to avoid frequent calling.

Procedure

  1. Create a NAT gateway.

    1. Determine the VPC to be used.
      • Query VPCs.

        URI format: GET /v1/{project_id}/vpcs

        For details, see Querying VPCs.

      • Select a VPC that does not have a default route, and make a note of the VPC ID.
    2. Determine the subnet in the VPC to be used.
      • Query subnets in the VPC.

        URI format: GET /v1/{project_id}/subnets?vpc_id={vpc_id}

        For details, see Querying Subnets.

      • Select a subnet and make a note of the subnet ID.
    3. Create a public NAT gateway.
      • API

        URI format: POST /v2/{project_id}/nat_gateways

        For details, see Creating a Public NAT Gateway.

      • Example request

        POST https://{Endpoint}/v2/27e25061336f4af590faeabeb7fcd9a3/nat_gateways

        Obtain {endpoint} from Regions and Endpoints.

      • Example response
      {
    "nat_gateway": {
        "name": "nat_001",
        "description": "my nat gateway 01",
        "router_id": "d84f345c-80a1-4fa2-a39c-d0d397c3f09a",
        "internal_network_id": "89d66639-aacb-4929-969d-07080b0f9fd9",
        "spec": "1",
        "enterprise_project_id": "0aad99bc-f5f6-4f78-8404-c598d76b0ed2"
    }
}
    4. Ensure that the public NAT gateway is successfully created and is in the active state.

      API

      URI format: GET /v2/{project_id}/nat_gateways/{nat_gateway_id}

      For details, see Querying the Details of a Public NAT Gateway.

    5. Make a note of the public NAT gateway ID and the value of internal_network_id.

  2. Determine the EIP to be used.

    1. Query EIPs.

      API

      URI format: GET /v1/{project_id}/publicips

      For details, see Querying EIPs.

    2. Select an EIP based on service requirements and make a note of the EIP ID.

  3. Create an SNAT rule.

    • API

      URI format: POST /v2/{project_id}/snat_rules

      For details, see Creating an SNAT Rule.

    • Example request

      POST https://{Endpoint}/v2/27e25061336f4af590faeabeb7fcd9a3/snat_rules

      Obtain {endpoint} from Regions and Endpoints.

      Body:

      {
    "snat_rule": {
        "nat_gateway_id": "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
        "network_id": "eaad9cd6-2372-4be1-9535-9bd37210ae7b",
        "source_type": 0,
        "floating_ip_id": "bdc10a4c-d81a-41ec-adf7-de857f7c812a",
        "description": "my snat rule 01"
    }
}
    • Example response
      {
    "snat_rule": {
        "floating_ip_id": "bdc10a4c-d81a-41ec-adf7-de857f7c812a",
        "status": "PENDING_CREATE",
        "nat_gateway_id": "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
        "admin_state_up": true,
        "network_id": "eaad9cd6-2372-4be1-9535-9bd37210ae7b",
        "description": "",
        "source_type": 0,
        "tenant_id": "27e25061336f4af590faeabeb7fcd9a3",
        "created_at": "2017-11-18 07:54:21.665430",
        "id": "5b95c675-69c2-4656-ba06-58ff72e1d338",
        "floating_ip_address": "5.21.11.226"
    }
}

  4. Verify that the SNAT rule is successfully created.

    • API

      URI format: GET /v2/{project_id}/snat_rules/{snat_rule_id}

      For details, see Querying the Details of an SNAT Rule.

    • Example request

      GET https://{Endpoint}/v2/27e25061336f4af590faeabeb7fcd9a3/snat_rules/5b95c675-69c2-4656-ba06-58ff72e1d338

      Obtain {endpoint} from Regions and Endpoints.

    • Example response
      {
    "snat_rule": {
        "floating_ip_id": "bdc10a4c-d81a-41ec-adf7-de857f7c812a",
        "status": "ACTIVE",
        "nat_gateway_id": "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
        "admin_state_up": true,
        "network_id": "eaad9cd6-2372-4be1-9535-9bd37210ae7b",
        "source_type": 0,
        "tenant_id": "27e25061336f4af590faeabeb7fcd9a3",
        "created_at": "2017-11-18 07:54:21.665430",
        "id": "5b95c675-69c2-4656-ba06-58ff72e1d338",
        "floating_ip_address": "5.21.11.226",
        "freezed_ip_address": "",
        "description": "my snat rule 01"
    }
}

Parent Topic: Application Examples