Tip
This is the documentation for the 19.12 version. Looking for the documentation of the latest version? Have a look here.
NAT Status¶
TNSR offers several ways to view the active NAT configuration, rules, and
sessions. These start with nat show, and are all available in config and
master mode.
View NAT Configuration¶
To view the current NAT configuration parameters (not rules), use show nat
config:
tnsr# show nat config
NAT Configuration Parameters
----------------------------
translation hash buckets 1024
translation hash memory 134217728
deterministic false
user hash buckets 128
user hash memory 67108864
max translations per user 100
outside Route Table ipv4-VRF:0
inside Route Table ipv4-VRF:0
dynamic mapping enabled
forwarding is enabled
UDP timeout 300s
TCP established connections timeout 7440s
TCP transitory connections timeout 240s
ICMP timeout 60s
View Static Mappings¶
To view currently configured static NAT mappings, use show nat
static-mappings:
tnsr# show nat static-mappings
Static Mappings
Proto Local IP Port External IP Port Interface Twice NAT Out to In Route Table
----- ---------- ---- ----------- ---- --------- --------- --------- -----------
tcp 10.2.0.5 22 203.0.113.2 222 ipv4-VRF:0
View Deterministic Mappings¶
To view currently configured deterministic NAT mappings, use show nat
deterministic-mappings:
tnsr# show nat deterministic-mappings
Deterministic Mappings
----------------------
Inside Outside Ratio Ports Sessions
------------- ---------------- --------- --------- ---------
198.14.0.0/15 203.0.113.128/25 1024 63 0
NAT Reassembly Parameters
-------------------------
View Dynamic Configuration¶
To view the IP addresses or interfaces currently assigned for use by NAT, use
show nat dynamic addresses or show nat dynamic interfaces, depending
on the TNSR NAT configuration:
tnsr# show nat dynamic addresses
Pool Addresses Route Table Twice NAT
-------------- ----------- ---------
203.0.113.2
View Interfaces¶
To view the interfaces which are currently marked as inside and outside for NAT
purposes, use show nat interface-sides:
tnsr# show nat interface-sides
Interfaces Side
--------------------- -------
GigabitEthernet0/14/0 outside
GigabitEthernet3/0/0 inside
View NAT Fragment Reassembly¶
To view NAT packet fragment reassembly parameters, use show nat reassembly:
tnsr# show nat reassembly
NAT Reassembly Parameters
-------------------------
Family: ipv4
Enabled : true
Timeout : 2 seconds
Max Fragments : 5
Max concurrent reassemblies: 1024
Family: ipv6
Enabled : true
Timeout : 2 seconds
Max Fragments : 5
Max concurrent reassemblies: 1024
View NAT Sessions¶
To view a summary of outgoing NAT sessions by source address, use show nat
sessions:
tnsr# show nat sessions
NAT sessions
------------
IP address Static Dynamic Route Table
-------------- ------- ------- -----------
10.2.0.1 0 4 ipv4-VRF:0
203.0.113.2 0 1 ipv4-VRF:0
To see more detail for each specific session, add verbose to the previous
command, which becomes show nat sessions verbose:
tnsr# show nat sessions verbose
NAT sessions detail
-------------------
Proto Inside/Outside/Ext Type Route Table Last used Bytes/pkts
----- --------------------- ------- ----------- --------- ----------
udp 10.2.0.1:123 dynamic ipv4-VRF:0 143 498
203.0.113.2:16253 6
52.6.160.3:123
udp 10.2.0.1:123 dynamic ipv4-VRF:0 143 498
203.0.113.2:18995 6
184.105.182.7:123
udp 10.2.0.1:123 dynamic ipv4-VRF:0 145 498
203.0.113.2:53893 6
69.36.182.57:123
udp 10.2.0.1:123 dynamic ipv4-VRF:0 207 498
203.0.113.2:44109 6
198.50.238.163:123