Page MenuHomeVyOS Platform

Issues with parsing ip range for source nat translation address
Closed, ResolvedPublicBUG


when configure translation address range for source NAT e.g.

set nat source rule 1000 translation address

following error occurs:

[ nat ]
VyOS had an issue completing a command.

We are sorry that you encountered a problem while using VyOS.
There are a few things you can do to help us (and yourself):
- Make sure you are running the latest version of the code available at
- Consult the forum to see how to handle this issue
- Join our community on slack where our users exchange help and advice

When reporting problems, please include as much information as possible:
- do not obfuscate any data (feel free to contact us privately if your
  business policy requires it)
- and include all the information presented below

Report Time:      2020-06-02 16:48:33
Image Version:    VyOS 1.3-rolling-202006010117
Release Train:    equuleus

Built by:         [email protected]
Built on:         Mon 01 Jun 2020 01:17 UTC
Build UUID:       3b4adee9-8c72-4412-9f67-69814c1cf922
Build Commit ID:  be5b71edd77b3a

Architecture:     x86_64
Boot via:         installed image
System type:      KVM guest

Hardware vendor:  QEMU
Hardware model:   Standard PC (i440FX + PIIX, 1996)
Hardware S/N:
Hardware UUID:    2c727cc1-d960-4984-b342-205b93580b2e

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/", line 266, in <module>
  File "/usr/libexec/vyos/conf_mode/", line 229, in verify
    if addr != 'masquerade' and not is_addr_assigned(addr):
  File "/usr/lib/python3/dist-packages/vyos/", line 132, in is_addr_assigned
    tmp = is_intf_addr_assigned(intf, addr)
  File "/usr/lib/python3/dist-packages/vyos/", line 78, in is_intf_addr_assigned
    return _is_intf_addr_assigned(intf, addr)
  File "/usr/lib/python3/dist-packages/vyos/", line 108, in _is_intf_addr_assigned
    if not _are_same_ip(address, ip_addr):
  File "/usr/lib/python3/dist-packages/vyos/", line 72, in _are_same_ip
    return socket.inet_pton(f_one, one) == socket.inet_pton(f_one, two)
OSError: illegal IP address string passed to inet_pton

[[nat]] failed
Commit failed


Difficulty level
Normal (likely a few hours)
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

Thank you for reporting this issue, it looks like that parser allows ranges of IP address (IP hyphen IP) but the parser does not. You could get around using CIDR notation but this indeed need looking into.

Viacheslav claimed this task.
Viacheslav added a subscriber: Viacheslav.


set nat source rule 1000 outbound-interface 'eth1'
set nat source rule 1000 source address ''
set nat source rule 1000 translation address ''
[email protected]# commit
[ nat ]
Warning: IP address does not exist on the system!
Warning: IP address does not exist on the system!

[email protected]#


[email protected]# sudo nft list table nat | grep POST -A 3
		type nat hook postrouting priority srcnat; policy accept;
		oifname "eth1" ip saddr counter packets 0 bytes 0 snat to comment "SRC-NAT-1000"
[email protected]# 
[email protected]# run show version 

Version:          VyOS 1.3-rolling-202011280730