Tip
This is the documentation for the 19.05 version. Looking for the documentation of the latest version? Have a look here.
NAT Status¶
TNSR offers several ways to view the active NAT configuration, rules, and
sessions. These start with nat show
, and are all available in config
and
master mode.
View NAT Configuration¶
To view the current NAT configuration parameters (not rules), use show nat
config
:
tnsr# show nat config
NAT Configuration Parameters
----------------------------
translation hash buckets 1024
translation hash memory 134217728
deterministic false
user hash buckets 128
user hash memory 67108864
max translations per user 100
outside Route Table ipv4-VRF:0
inside Route Table ipv4-VRF:0
dynamic mapping enabled
forwarding is disabled
View Static Mappings¶
To view currently configured static NAT mappings, use show nat
static-mappings
:
tnsr# show nat static-mappings
Static Mappings
Proto Local IP Port External IP Port Interface Twice NAT Out to In Route Table
----- ---------- ---- ----------- ---- --------- --------- --------- -----------
tcp 10.2.0.5 22 203.0.113.2 222 ipv4-VRF:0
View Deterministic Mappings¶
To view currently configured deterministic NAT mappings, use show nat
deterministic-mappings
:
tnsr# show nat deterministic-mappings
Deterministic Mappings
----------------------
Inside Outside Ratio Ports Sessions
------------- ---------------- --------- --------- ---------
198.14.0.0/15 203.0.113.128/25 1024 63 0
NAT Reassembly Parameters
-------------------------
View Dynamic Configuration¶
To view the IP addresses or interfaces currently assigned for use by NAT, use
show nat dynamic addresses
or show nat dynamic interfaces
, depending
on the TNSR NAT configuration:
tnsr# show nat dynamic addresses
Pool Addresses Route Table Twice NAT
-------------- ----------- ---------
203.0.113.2
View Interfaces¶
To view the interfaces which are currently marked as inside and outside for NAT
purposes, use show nat interface-sides
:
tnsr# show nat interface-sides
Interfaces Side
--------------------- -------
GigabitEthernet0/14/0 outside
GigabitEthernet3/0/0 inside
View NAT Fragment Reassembly¶
To view NAT packet fragment reassembly parameters, use show nat reassembly
:
tnsr# show nat reassembly
NAT Reassembly Parameters
-------------------------
Family: ipv4
Enabled : true
Timeout : 2 seconds
Max Fragments : 5
Max concurrent reassemblies: 1024
Family: ipv6
Enabled : true
Timeout : 2 seconds
Max Fragments : 5
Max concurrent reassemblies: 1024
View NAT Sessions¶
To view a summary of outgoing NAT sessions by source address, use show nat
sessions
:
tnsr# show nat sessions
NAT sessions
------------
IP address Static Dynamic Route Table
-------------- ------- ------- -----------
10.2.0.1 0 4 ipv4-VRF:0
203.0.113.2 0 1 ipv4-VRF:0
To see more detail for each specific session, add verbose
to the previous
command, which becomes show nat sessions verbose
:
tnsr# show nat sessions verbose
NAT sessions detail
-------------------
Proto Inside/Outside/Ext Type Route Table Last used Bytes/pkts
----- --------------------- ------- ----------- --------- ----------
udp 10.2.0.1:123 dynamic ipv4-VRF:0 143 498
203.0.113.2:16253 6
52.6.160.3:123
udp 10.2.0.1:123 dynamic ipv4-VRF:0 143 498
203.0.113.2:18995 6
184.105.182.7:123
udp 10.2.0.1:123 dynamic ipv4-VRF:0 145 498
203.0.113.2:53893 6
69.36.182.57:123
udp 10.2.0.1:123 dynamic ipv4-VRF:0 207 498
203.0.113.2:44109 6
198.50.238.163:123