110 ServerIron ADX Security Guide
53-1002440-03

Displaying NAT information

4
Displaying NAT translation

To display the currently active NAT translations, enter the following command.

Syntax: show ip nat translation

NOTE

You can enter this command only when you rconsole in to a BP. The command is not supported on

the Main Processor CPU.

nat udp rev ip status zero Indicates the number of times that an error in NAT translation for UDP reverse
traffic has occurred.
nat udp rev usr index null Indicates the number of times that a “port unreachable” message was
generated because the ServerIron could not create a a user session for UDP
reverse traffic.
sw l4 nat corruption Indicates the number of instances of NAT session corruption.
rstp port unavailable Indicates the number of times that a NAT port was not available for RSTP.
RTSP inside alloc same Indicates the number of times that the used port and proposed client port
were the same for RSTP.
RTSP reply port not same Indicates the number of times that the used port and proposed client port
were not the same for RTSP.
Wrong port range Indicates the number of times that the NAT port used a port in the wrong port
range. For example, where a NAT port used a port from the normal port pool
range for RTSP.
Port Pool Parameters
[x] The variable represented by "x" represents the index of the IP address in the
IP NAT pool. For example, [0] refers to the first IP address in the IP pool
(216:220:209:230). [1] refers to the second IP address in this IP pool
(216:220:209:231).
h The value following "h:" refers to the head of the port pool for the IP address
in the IP NAT pool. The head indicates the location in the port pool where the
next port will be allocated from.
t The value following "t:" refers to the tail of the port pool for the IP address in
the IP NAT pool. The tail indicates the location in the port pool where the next
port will be freed from.
T The value following "T:" refers to the total number of ports in the port pool for
that IP address in the IP NAT pool.
f The value following "f:" refers to the number of free ports in the port pool for
this IP address.
TABLE 7 Display fields for show ip nat statistics (Continued)
This field... Displays...
ServerIronADX(1/1)# show ip nat translation
Pro Inside global Inside local Outside local Outside global
tcp 10.1.1.92:11021 5.1.1.2:32784 10.1.1.1:23 10.1.1.1:23