IP Address Rewrite
Internet Protocol (IP) address rewrite converts the incoming traffic’s IP address (source , destination, or both) with a user configured IP address. The modified packets are then delivered as per flow mapping configurations. This allows the user to maintain the confidentiality of the outgoing IP address.
IP address rewrite can be enabled in two ways:
| Rule based- The IP address rewrite functionality is enabled for traffic that qualifies a specific rule in a map. This can be enabled only for pass rules. Rule based IP address re-write allows modifying the rule, source, and destination IP address. |
| Map Based- The IP address rewrite functionality is enabled for traffic that qualifies any of the rules configured in regular by-Rule maps and shared collectors. The configuration applies to all the rules that are part of the map except for drop rules. Map based IP address re-write allows modifying the source and destination IP address and can also be applied to a deployed map. Refer to Map IP Address Source and Destination Compatibility Matrix for more information. |
Table 1: Map IP Address Source and Destination Compatibility Matrix
|
Source |
Destination |
Supported |
|---|---|---|
|
Network |
Tool/Hybrid, Tool GigaStream/Hybrid GigaStream, Tool with Egress VLAN strip/Tool with Egress Port filters. |
Yes |
|
Hybrid |
Tool/Hybrid, Tool GigaStream/Hybrid GigaStream, Tool with Egress VLAN strip/Tool with Egress Port filters. |
Yes |
|
Network with L2GRE/VXLAN enabled |
L2GRE/VXLAN Encapsulation Tunnel |
No |
|
Network with VXLAN Header Strip enabled Port/MPLS Header Strip |
Tool/Hybrid |
No |
|
Network Port with Ingress VLAN tag |
Tool/Hybrid |
Yes |
|
Network |
L2 Circuit Encapsulation Tunneling |
No |
|
L2-Circuit Tunnel |
Tool/Hybrid/GigaStream |
Yes |
|
VXLAN/L2GRE Tunnel decapsulation with IP interface |
Tool/Hybrid/GigaStream |
No |
|
Port-Group |
Tool/Hybrid/GigaStream |
Yes |
|
Network /Hybrid |
Port-group (without smart-lb enabled). |
Yes |
Note: If you have configured both map level and rule level IP address rewrite functionality in the same map, then rule-based configuration takes priority.
Configuring IP Address Re-write
Internet Protocol address is a four-byte hardware identification field with 8 hexadecimal digits that uniquely identifies a device in the network. You can rewrite the IP source and destination fields to configurable IP address as follows:
| 1. | To enable IP address rewrite functionality through GigaVUE-FM: |
| a. | Map based Configuration- To configure IP address rewrite based on maps follow the below steps: |
| • | Navigate to  > Physical > Nodes. |
| • | Select the required cluster or device. Navigate to Maps and click create New Map. Scroll down to Map Configuration & Rules. |
| • | Under Configuration, enable the ‘Address Rewrite’ checkbox. |
| • | Select either IPv4 Source, IPv4 Destination, or both. |
| • | Specify the IPv4 Source and Destination. |
| • | Click on OK to complete the configuration. |
| b. | Rule based Configuration- To configure IP address rewrite based on map rules follow the below steps |
| • | Navigate to > Physical > Nodes. |
| • | Select the required cluster or device. Navigate to Maps and click create New Map. Scroll down to Map Configuration & Rules. |
| • | Under Map Rules, click Add a Rule. |
| • | Select the IPV4 address from the Address Rewrite drop down list. |
| • | From Map Rules section select either IPv4 Source , IPv4 Destination, or both. |
| • | Specify the IPv4 Source and Destination. |
| • | Click on OK to complete the configuration. |
| 2. | To enable IP address rewrite through GigaVUE-OS -CLI enter the map prefix mode with the command config map alias<map> and then enter any one of the following commands such as: |
rewrite-dstip x.x.x.x
rewrite-srcip x.x.x.x
no rewrite-dstip
no rewrite-srcip
Refer to GigaVUE-OS CLI Reference Guide for more information.
License
You do not need a license to enable this feature for GigaVUE® HC Series. To enable this feature for GigaVUE® TA Series ensure you have Advanced Features License.
Limitations
The following are the limitations of IP Address rewrite.
| Pass-all maps are not supported. |
| GSOP enabled maps are not supported. |
| VXLAN/L2GRE Encapsulation and decapsulation tunnels are not supported |
| Inline, Flex Inline maps and OOB copy maps are not supported. |
| First-level, second-level, and transit maps are not supported. |
| This feature is not supported with Fabric Maps, L2 Circuit Tunnel Encapsulation, MPLS, and VXLAN Header Stripping enabled-port configurations. |
| A paired port receives rewritten IP address when creating a port-pair with a network port in map/rule-based ip-rewrite byrule map. |
| IP rewrite is not supported in GigaVUE‑TA400 and GigaVUE-HCT devices. |
| IP rewrite with single tagged traffic and ingress VLAN tag is not supported in GigaVUE‑HC1-Plus,GigaVUE‑TA25, and GigaVUE‑TA25E. |
| IP rewrite with IPv6 and L3-mpls traffic is not supported. |
| Cluster and double-tagged traffic are not supported. |
| When a pass-all map shares the same source ports with a by-rule map with IP rewrite enabled, the IP rewrite effect will be applied to the destination port of both the pass-all map and the by-rule map. |
