vyos · dmbaturin · Nov 3, 2025 · Oct 23, 2025
diff --git a/data/config-mode-dependencies/vyos-vpp.json b/data/config-mode-dependencies/vyos-vpp.json
@@ -67,7 +67,8 @@
         "vpp_kernel_interface": ["vpp_kernel-interfaces"]
     },
     "vpp_kernel_interfaces": {
-        "vpp_nat_cgnat": ["vpp_nat_cgnat"]
+        "vpp_nat_cgnat": ["vpp_nat_cgnat"],
+        "vpp_nat": ["vpp_nat"]
     }
 }
 
diff --git a/python/vyos/vpp/utils.py b/python/vyos/vpp/utils.py
@@ -48,6 +48,22 @@ def iftunnel_transform(iface: str) -> str:
     return f'{iface_type}_tunnel{iface_num}'
 
 
+def vpp_iface_name_transform(iface: str) -> str:
+    """Convert a CLI interface name to its corresponding VPP interface name format
+
+    Args:
+        iface (str): Interface name as used in VyOS configuration (e.g., "bond0").
+
+    Returns:
+        str: Interface name formatted as recognized by VPP (e.g., "BondEthernet0").
+    """
+    vpp_iface_name = iface
+    if vpp_iface_name.startswith('bond'):
+        # interface name in VPP is BondEthernetX
+        vpp_iface_name = vpp_iface_name.replace('bond', 'BondEthernet')
+    return vpp_iface_name
+
+
 def cli_ifaces_list(config_instance, mode: str = 'candidate') -> list[str]:
     """List of all VPP interfaces (CLI names)
 

diff --git a/src/conf_mode/vpp_kernel-interfaces.py b/src/conf_mode/vpp_kernel-interfaces.py
@@ -82,6 +82,8 @@ def get_config(config=None) -> dict:
 
     if conf.exists(['vpp', 'nat', 'cgnat']):
         set_dependents('vpp_nat_cgnat', conf)
+    if conf.exists(['vpp', 'nat44']):
+        set_dependents('vpp_nat', conf)
 
     config['ifname'] = ifname
 

diff --git a/src/conf_mode/vpp_nat.py b/src/conf_mode/vpp_nat.py
@@ -26,7 +26,9 @@
 from vyos.utils.network import get_interface_address
 
 from vyos.vpp.utils import cli_ifaces_list
+from vyos.vpp.utils import vpp_iface_name_transform
 from vyos.vpp.nat.nat44 import Nat44
+from vyos.vpp.control_vpp import VPPControl
 
 
 protocol_map = {
@@ -155,16 +157,14 @@ def verify(config):
             f'Both inside and outside interfaces must be configured. Please add: {", ".join(missing_keys)}'
         )
 
-    for interface in config['interface']['inside']:
-        if interface not in config['vpp_ifaces']:
-            raise ConfigError(
-                f'{interface} must be a VPP interface for inside NAT interface'
-            )
-    for interface in config['interface']['outside']:
-        if interface not in config['vpp_ifaces']:
-            raise ConfigError(
-                f'{interface} must be a VPP interface for outside NAT interface'
-            )
+    vpp = VPPControl()
+    for direction in ['inside', 'outside']:
+        for interface in config['interface'][direction]:
+            vpp_iface_name = vpp_iface_name_transform(interface)
+            if vpp.get_sw_if_index(vpp_iface_name) is None:
+                raise ConfigError(
+                    f'{interface} must be a VPP interface for {direction} NAT interface'
+                )
 
     if not config.get('address_pool', {}).get('translation') and not config.get(
         'static', {}
@@ -371,11 +371,13 @@ def apply(config):
         # Delete inside interfaces
         for interface in remove_config['interface']['inside']:
             if interface not in config.get('interface', {}).get('inside', []):
-                n.delete_nat44_interface_inside(interface)
+                vpp_iface_name = vpp_iface_name_transform(interface)
+                n.delete_nat44_interface_inside(vpp_iface_name)
         # Delete outside interfaces
         for interface in remove_config['interface']['outside']:
             if interface not in config.get('interface', {}).get('outside', []):
-                n.delete_nat44_interface_outside(interface)
+                vpp_iface_name = vpp_iface_name_transform(interface)
+                n.delete_nat44_interface_outside(vpp_iface_name)
         # Delete address pool
         address_pool = config.get('address_pool', {})
         for address in (
@@ -445,10 +447,12 @@ def apply(config):
 
     # Add inside interfaces
     for interface in config['interface']['inside']:
-        n.add_nat44_interface_inside(interface)
+        vpp_iface_name = vpp_iface_name_transform(interface)
+        n.add_nat44_interface_inside(vpp_iface_name)
     # Add outside interfaces
     for interface in config['interface']['outside']:
-        n.add_nat44_interface_outside(interface)
+        vpp_iface_name = vpp_iface_name_transform(interface)
+        n.add_nat44_interface_outside(vpp_iface_name)
     # Add translation pool
     for address in (
         config.get('address_pool', {}).get('translation', {}).get('address', [])

diff --git a/src/conf_mode/vpp_nat_cgnat.py b/src/conf_mode/vpp_nat_cgnat.py
@@ -21,19 +21,12 @@
 from vyos.configdict import node_changed
 from vyos.configdiff import Diff
 from vyos.vpp.utils import cli_ifaces_list
+from vyos.vpp.utils import vpp_iface_name_transform
 
 from vyos.vpp.nat.det44 import Det44
 from vyos.vpp.control_vpp import VPPControl
 
 
-def _vpp_iface_name_transform(iface_name):
-    vpp_iface_name = iface_name
-    if vpp_iface_name.startswith('bond'):
-        # interface name in VPP is BondEthernetX
-        vpp_iface_name = vpp_iface_name.replace('bond', 'BondEthernet')
-    return vpp_iface_name
-
-
 def get_config(config=None) -> dict:
     if config:
         conf = config
@@ -132,7 +125,7 @@ def verify(config):
     vpp = VPPControl()
     for direction in ['inside', 'outside']:
         for interface in config['interface'][direction]:
-            vpp_iface_name = _vpp_iface_name_transform(interface)
+            vpp_iface_name = vpp_iface_name_transform(interface)
             if vpp.get_sw_if_index(vpp_iface_name) is None:
                 raise ConfigError(
                     f'{interface} must be a VPP interface for {direction} CGNAT interface'
@@ -187,11 +180,11 @@ def apply(config):
     cgnat.enable_det44_plugin()
     # Add inside interfaces
     for interface in config['interface']['inside']:
-        vpp_iface_name = _vpp_iface_name_transform(interface)
+        vpp_iface_name = vpp_iface_name_transform(interface)
         cgnat.add_det44_interface_inside(vpp_iface_name)
     # Add outside interfaces
     for interface in config['interface']['outside']:
-        vpp_iface_name = _vpp_iface_name_transform(interface)
+        vpp_iface_name = vpp_iface_name_transform(interface)
         cgnat.add_det44_interface_outside(vpp_iface_name)
     # Add CGNAT rules
     for rule in config['changed_rules']: