NAT gateway question

[pasztorl]

Hi,

I've seen Sonic NAT feature, but it seems this is not a right thing for my setup.
I have connected clients with private addresses, and I would like to set up the sonic switch to act as NAT gateway, so NAT happens when a private node wants to communicate to world, but I don't want to allow the switch's public IP to dnat to a private host.
As I seen in the docs Sonic NAT always do snat and dnat between two nat zones. Is this something what can be disabled so make it just one way?
What are the options if i want just a "simple" NAT GW?

thanks!

[arunlk-dell]

config nat feature {enable | disable}
above command is used to enable and disable the NAT feature.

Follow the below links to understand/use the NAT config:
https://github.com/sonic-net/sonic-utilities/blob/master/doc/Command-Reference.md#nat-config-commands
https://github.com/sonic-net/sonic-utilities/blob/master/doc/Command-Reference.md#nat-show-commands
Other generic NAT link

[pasztorl]

@arunlk-dell thank you! I've found these urls earlier, but what it is not clear for me how i do dnat just one way like a "home router". without dmz enabled. If i enable nat and add interfaces, zone(s) i see that dnat happens in two way. i don't want to forward connections created from outside to inside.