Page MenuHomeVyOS Platform

support for ip groups in nat
Open, Requires assessmentPublicFEATURE REQUEST



Would it be possible to add support for address groups in nat, so I could do something like this:

set nat source rule 10 destination address-group 'some-group'

It would be a great feature.


Difficulty level
Unknown (require assessment)
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Feature (new functionality)

Event Timeline

I vote for this as well. I have a lot of addresses I need to add to a nat source address so I need to create one rule per IP. Because I have a specific rule numbering scheme, I'm running out of space in it so I had to break the scheme. The ability to use groups in nat source and destination addresses would greatly help.

Note: When we migrate NAT to nftables, we need to use nftables sets instead of ipset

erkin set Issue type to Feature (new functionality).Aug 31 2021, 5:48 PM