There can be scenarios where it's desirable to set a reasonable limit on the number of sessions that a single VM can create, for example to prevent a load test from exhausting all NAT ports or contain a denial of service condition.
This setting can only be used when **enable_dynamic_port_allocation = true**
variable "enable_dpa" {
type = bool
description = Specifies to enable Dynamic Port Allocation"
default = true
}
variable "max_ports_per_vm" {
type = string
description = "Max ports per VM (only relevant if DPA is enabled)"
default = "32768"
}
resource "google_compute_router_nat" "default" {
enable_dynamic_port_allocation = var.enable_dpa
min_ports_per_vm = var.min_ports_per_vm
max_ports_per_vm = var.enable_dpa ? var.max_ports_per_vm : null
}
TL;DR
There can be scenarios where it's desirable to set a reasonable limit on the number of sessions that a single VM can create, for example to prevent a load test from exhausting all NAT ports or contain a denial of service condition.
Terraform Resources
Detailed design
Additional information
No response