Capability of Smarts functioning in NAT'ed environment
search cancel

Capability of Smarts functioning in NAT'ed environment

book

Article ID: 331725

calendar_today

Updated On:

Products

VMware Smart Assurance Network Observability

Issue/Introduction

Capability of Smarts functioning in NAT'ed environment

Environment

All Supported Smarts Releases

Resolution

                       SMARTS VM (X.X.X.X)
    (Translated to X.X.X.X) ↑↓
                       NAT Gateway
                            ↑↓  (Translated to Y.Y.Y.Y)
                    Network Device


Query : Can SMARTS Work in This Environment?

Answer : Yes — With One Important Condition

SMARTS will function if the following is true:
From SMARTS’ perspective, it can successfully initiate and maintain TCP/UDP sessions to the device IPs.

SMARTS primarily:

  • Initiates SNMP sessions
  • Opens ICMP sessions
  • Opens CLI/Telnet/SSH sessions (if configured)
  • Receives traps (if trap forwarding exists)

If outbound reachability exists and NAT is symmetric/maintained, SMARTS will work.
If SMARTS host IP is NAT’ed and reachability exists, discovery/ monitoring works

Scenario A — SMARTS IP is NAT’ed (Source NAT)

Works because:

    • SMARTS initiates polling
    • NAT maintains session state
    • Device replies to NAT’ed IP
    • Connection tracking handles return traffic

SNMP Polling
Works if:

    • SMARTS initiates polling
    • NAT allows return traffic
    • No IP rewriting in SNMP payload

Source NAT is usually safe. This is standard SNMP polling behavior.

Scenario B — Device IP is NAT’ed (Destination NAT)

This often breaks because:

    • SMARTS stores device IP in its topology.
    • SNMP responses include the device’s real IP.
    • Trap source IP may not match discovered IP.
    • IP identity mismatch causes:
    • Duplicate node creation
    • Unmanaged device
    • Trap correlation failures

SMARTS is very IP identity sensitive. Hence, Smarts IP does not have the capability to handle and resolve NAT addresses. The current/latest Smarts IP Manager version automatically discovers any IP device running an SNMP agent in the whole network accessible to it. It does not currently have the capability to create translation tables internally working with the NAT devices (manually configured or automatic) to be able to do selective device discovery and monitoring. 

Powered by Wolken Software