In the earlier post of building a Vyatta router on the cloud with Amazon EC2, I mentioned that I had issues with setting up a SNAT (source NAT) and made the assumption that it was either a bug or the OS image of Vyatta on Amazon.

I’ve been working through this issue with Stig from Vyatta on their forums. You can view the messages at http://vyatta.org/forum/viewtopic.php?t=2908

I’ve replicated his steps only to come to the same error.

vyatta@vyatta:/root$ show version
Version  :    VC5.0.0.0
Copyright:    2006-2009 Vyatta, Inc.
Boot via :    disk
Uptime   :    14:51:35 up 4 days, 23:01,  1 user,  load average: 0.08, 0.02, 0.00

vyatta@vyatta:/root$ configure
[edit]
vyatta@vyatta# set service nat rule 100 source address 10.0.30.35
[edit]
vyatta@vyatta# show service nat
+rule 100 {
+    source {
+        address 10.0.30.35
+    }
+}
[edit]
vyatta@vyatta# commit
NAT configuration error: rule type not specified/valid
Commit failed
[edit]
vyatta@vyatta# set service nat rule 100 type source
[edit]
vyatta@vyatta# set service nat rule 100 outbound-interface eth0
[edit]
vyatta@vyatta# show service nat
+rule 100 {
+    outbound-interface eth0
+    source {
+        address 10.0.30.35
+    }
+    type source
+}
[edit]
vyatta@vyatta# commit
NAT configuration error: outside-address not specified
Commit failed
[edit]
vyatta@vyatta# set service nat rule 100 outside-address address 172.16.100.2
[edit]
vyatta@vyatta# show service nat
+rule 100 {
+    outbound-interface eth0
+    outside-address {
+        address 172.16.100.2
+    }
+    source {
+        address 10.0.30.35
+    }
+    type source
+}
[edit]
vyatta@vyatta# commit
iptables: Index of insertion too big
Commit failed
[edit]
vyatta@vyatta#

He’s running version VC5.0.2. I went ahead and recreated the same network setup and steps with VC5.0.0 in VMware, and I do not get the same error message. From this, I am deducing that the error is actually with the image on Amazon and not a bug with Vyatta.