ModifyForwardEntry - NAT Gateway - Alibaba Cloud Documentation Center

Usage notes

ModifyForwardEntry is an asynchronous operation. After you send a request, the system returns a request ID and runs the task in the background. You can call the DescribeForwardTableEntries operation to query the status of a DNAT entry.
- Pending: indicates that the system is modifying the DNAT entry. You can only query the DNAT entry, but cannot perform other operations.
- Available: indicates that the DNAT entry is modified.
You cannot repeatedly call the ModifyForwardEntry operation to modify a DNAT entry within the specified period of time.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters


Parameter	Type	Required	Example	Description
Action	String	Yes	ModifyForwardEntry	The operation that you want to perform. Set the value to ModifyForwardEntry.
ForwardTableId	String	Yes	ftb-8vbx8xu2lqj9qb334****	The ID of the DNAT table to which the DNAT entry belongs.
ForwardEntryId	String	Yes	fwd-8vbn3bc8roygjp0gy****	The ID of the DNAT entry.
ExternalIp	String	No	116.85.XX.XX	When you modify DNAT entries of Internet NAT gateways, this parameter specifies the elastic IP addresses (EIPs) that are used to access the Internet. When you modify DNAT entries of Virtual Private Cloud (VPC) NAT gateways, this parameter specifies the NAT IP addresses that are accessed by external networks.
ExternalPort	String	No	80	The external port that is used to forward traffic when you modify DNAT entries of Internet NAT gateways. Valid values: 1 to 65535. If you want to modify the port range, separate port numbers with a forward slash (/), such as `10/20`. If you want to modify ExternalPort and InternalPort at the same time, and set ExternalPort to a port range, you must also set InternalPort to a port range. For example, you can set ExternalPort to `10/20` and set InternalPor to `80/90`. The port that is accessed by external networks when you modify DNAT entries of VPC NAT gateways. Valid values: 1 to 65535.
InternalIp	String	No	10.0.0.78	The private IP address of the ECS instance that uses DNAT entries to communicate with the Internet when you modify DNAT entries of Internet NAT gateways. The private IP address that uses DNAT entries to communicate when you modify DNAT entries of VPC NAT gateways.
InternalPort	String	No	80	The internal port or port range that is used to forward traffic when you modify DNAT entries of Internet NAT gateways. Valid values: 1 to 65535. The port of the destination ECS instance to be mapped when you modify DNAT entries of VPC NAT gateways. Valid values: 1 to 65535.
IpProtocol	String	No	TCP	The protocol type. Valid values: TCP: The NAT gateway forwards TCP packets. UDP: The NAT gateway forwards UDP packets. Any: The NAT gateway forwards packets of all protocols.
ForwardEntryName	String	No	test	The new name of the DNAT entry. The name must be 2 to 128 characters in length. It must start with a letter but cannot start with `http://` or `https://`.
RegionId	String	Yes	cn-hangzhou	The region ID of the NAT gateway. You can call the DescribeRegions operation to query the most recent region list.
ClientToken	String	No	123e4567-e89b-12d3-a456-426655440000	The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can only contain ASCII characters. Note If you do not specify this parameter, ClientToken is set to the value of RequestId. The value of RequestId for each API request is different.
PortBreak	Boolean	No	false	Specifies whether to remove limits on the port range. Valid values: true: yes false: no If an SNAT entry and a DNAT entry use the same public IP address, and you want to specify a port number greater than `1024`, set `PortBreak` to `true`.

Response parameters


Parameter	Type	Example	Description
RequestId	String	2315DEB7-5E92-423A-91F7-4C1EC9AD97C3	The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=ModifyForwardEntry
&ForwardTableId=ftb-8vbx8xu2lqj9qb334****
&ForwardEntryId=fwd-8vbn3bc8roygjp0gy****
&ExternalIp=116.85.XX.XX
&ExternalPort=80
&InternalIp=10.0.0.78
&InternalPort=80
&IpProtocol=TCP
&ForwardEntryName=test
&RegionId= cn-hangzhou
&ClientToken=123e4567-e89b-12d3-a456-426655440000
&PortBreak=false
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<ModifyForwardEntryResponse>
    <RequestId>2315DEB7-5E92-423A-91F7-4C1EC9AD97C3</RequestId>
</ModifyForwardEntryResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "2315DEB7-5E92-423A-91F7-4C1EC9AD97C3"
}

Error codes


HttpCode	Error code	Error message	Description
400	ExclusiveParam.%sAnd%s	The param of %s and %s are mutually exclusive.	The error message returned because you cannot set %s and %s at the same time.
400	InvalidIp.NotInNatgw	The specified Ip not belong to natgateway.	The error message returned because the specified EIP is not associated with the NAT gateway.
400	OperationUnsupported.ForwardEntry	Duplicated destination ip port is unsupported.	The error message returned because duplicate destination IP addresses and ports are not supported.
400	IncorrectStatus.NatIp	The status of %s [%s] is incorrect.	The error message returned because the status of the NAT IP address is invalid.
400	IncorrectStatus.ForwardEntry	The status of %s [%s] is incorrect.	The error message returned because the DNAT entry to be deleted is in an invalid state.
400	InvalidExternalIp.Malformed	The specified ExternalIp is not a valid IP address.	The error message returned because the specified EIP is invalid.
400	InvalidInternalIp.Malformed	The specified InternalIp is not a valid IP address.	The error message returned because the specified destination private IP address is invalid.
400	InvalidExternalPort.Malformed	The specified ExternalPort is not a valid port.	The error message returned because the specified public port is invalid.
400	InvalidInternalPort.Malformed	The specified InternalPort is not a valid port.	The error message returned because the specified private port is invalid.
400	Forbidden.DestnationIpOutOfVpcCIDR	The specified Destination Ip is Out of VPC CIDR.	The error message returned because the specified private IP address does not fall within the CIDR block of the VPC. Enter a private IP address that falls within the CIDR block of the VPC.
400	InvalidProtocal.ValueNotSupported	The specified IpProtocol does not support.	The error message returned because the specified protocol is not supported.
400	IncorretForwardEntryStatus	Some Forward entry status blocked this operation..	The error message returned because you are not authorized to perform the specified operation. The error message returned because one or more DNAT entries in the DNAT table are in the Pending or Modifying state.
400	QuotaExceeded	Forward entry quota exceeded in this route table.	The error message returned because the number of custom route entries in the same route table cannot exceed 200. Go to the Quota Management page to request a quota increase.
400	Forbidden.ExternalIp.UsedInSnatTable	The specified ExternalIp is already used in SnatTable	The error message returned because the specified EIP is already used by an SNAT entry. Select a different EIP or delete the SNAT entry.
400	Forbidden.Already.Bounded	The specified instance already bounded	The error message returned because the specified instance is associated with another DNAT entry.
400	InvalidParameter.Name.Malformed	The specified Name is not valid.	The error message returned because the specified name format is invalid. Enter the name in the valid format.
400	IllegalParam.AnyPortNotZero	Any port port must be zero.	The error message returned because you must set the destination port and source port to 0 when IpProtocol is set to Any.
400	InvalidForwardEntryId.NotFound	Specified forward entry ID does not exist	The error message returned because the specified DNAT entry does not exist.
400	OperationUnsupported.EipInBinding	Create snat entry with eip in associating status is unsupported.	The error message returned because you cannot use an associated EIP when you create an SNAT entry.
400	QuotaExceeded.ForwardEntrySessionManytoOne	The dnat session quota is exceed.	The error message returned because the number of DNAT sessions exceeds the upper limit.
404	ResourceNotFound.NatIp	The specified resource of %s is not found.	The error message returned because the NAT IP address is not found.
404	InvalidRegionId.NotFound	The specified RegionId does not exist in our records.	The error message returned because the ID of the specified region does not exist.
404	InvalidExternalIp.NotFound	Specified External Ip address does not found on the VRouter	The error message returned because the specified EIP does not exist.
404	InvalidForwardTableId.NotFound	Specified forward table does not exist.	The error message returned because the specified DNAT table does not exist. Check the parameter and try again.

For a list of error codes, see Service error codes.