
Dynamic NAT


Donna S. Moyer

Jan 5, 2004, 9:54:21 AM
Hello all:

Is there a way to display the current dynamic NAT table? Or at least to see
the statistics on how many dynamic NATs are currently in use?

BorderManager 3.7 Netware 5.1 sp5

Thanks in advance....

Donna


Caterina Luppi

Jan 5, 2004, 2:54:25 PM
Hi Donna,

> Is there a way to display the current dynamic NAT table? Or at least to see
> the statistics on how many dynamic NATs are currently in use?

I seem to remember that there was a hidden command to show the dynamic
NAT table...let me check and I'll revert.
--

Caterina Luppi
Novell Support Connection Volunteer Sysop

Wirediguana Consulting Services
http://www.wirediguana.com


Caterina Luppi

Jan 5, 2004, 4:52:35 PM
yup, I remembered correctly.
This is the info you were looking for.

See also TID 10065766.

"
_dumpnattcp - this command dumps the contents of the TCP connection
table to the sys:\etc\nattcp.log. The information dumped includes the
following from the NAT connection:

SRC IP Address | Orig private Port | Translated public Port | Dest IP Address | Dest Port | State | LAT(Sec)

where:

- SRC IP Address is the source IP address of workstation on the private
network
- Orig private Port is the TCP source port of the TCP session on the
private network (1025 - 65535 range)
- Translated public Port is the TCP source port of the TCP session on
the public network (55000 - 60000 range)
- Dest IP Address is the destination IP address of the request (will
remain the same on both the private and public side of the NAT router)
- Dest Port is the destination TCP port for the request (will remain
the same on both the private and public side of the NAT router)
- State is the state of the session as far as the NAT TCP connection
table is concerned. There are 8 possible states that are represented by
the various bits enabled

CS_WAITING_FOR_SYN_ACK      (1<<0)  // waiting for ack to syn
CS_SEEN_SYN_ACK             (1<<1)  // seen the syn ack
CS_WAITING_FOR_ADJUST_ACK   (1<<2)  // waiting for adjustment ack
CS_WAITING_FOR_PRV_FIN_ACK  (1<<3)  // waiting for fin ack from prv
CS_WAITING_FOR_PUB_FIN_ACK  (1<<4)  // waiting for fin ack from pub
CS_SEEN_PRV_FIN_ACK         (1<<5)  // seen the prv fin ack
CS_SEEN_PUB_FIN_ACK         (1<<6)  // seen the pub fin ack
CS_FTP_DATA_CONNECTION      (1<<7)  // FTP Data connection
CS_WAITING_FOR_PUB_SYN      (1<<8)  // waiting pub syn after "PORT"

A typical connection would have a state of 000010. This implies that the
only flag that is enabled is the CS_SEEN_SYN_ACK which indicates that
we've seen the SYN ACK from the remote TCP server and have probably
successfully established the connection. This state is totally valid.

This is the key field as far as troubleshooting is concerned. If the
CS_WAITING_FOR_PUB_FIN_ACK or CS_WAITING_FOR_PRV_FIN_ACK flags are
enabled for more than 2 minutes, then an issue with the closing of the
connections may be taking place.

- LAT(Sec) specifies the amount of time the connection has been active
for.


-dumpnatudp does the same as before but for udp protocol. "
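
Added example, not part of the thread or of Novell's TID: a Python sketch that reads a nattcp.log dump, counts translations per private host, and flags sessions that have sat in a FIN-wait state past the 2-minute mark described above. It assumes rows are "|"-separated in the column order listed, that State is printed as binary digits (as in the "000010" example), and that LAT(Sec) can stand in for how long the flag has been set; the function names and sample rows are constructed for illustration.

```python
from collections import Counter

# Flag names in bit order (index = bit number), as listed in the quoted TID text.
FLAGS = [
    "CS_WAITING_FOR_SYN_ACK", "CS_SEEN_SYN_ACK", "CS_WAITING_FOR_ADJUST_ACK",
    "CS_WAITING_FOR_PRV_FIN_ACK", "CS_WAITING_FOR_PUB_FIN_ACK",
    "CS_SEEN_PRV_FIN_ACK", "CS_SEEN_PUB_FIN_ACK",
    "CS_FTP_DATA_CONNECTION", "CS_WAITING_FOR_PUB_SYN",
]
FIN_WAIT = {"CS_WAITING_FOR_PRV_FIN_ACK", "CS_WAITING_FOR_PUB_FIN_ACK"}
STUCK_AFTER_SEC = 120  # "more than 2 minutes" from the text

def decode_state(state):
    """Decode a binary state string such as '000010' into flag names."""
    value = int(state, 2)  # assumption: State is printed as binary digits
    return [name for bit, name in enumerate(FLAGS) if value & (1 << bit)]

def parse_line(line):
    """Parse one row; return None for the header, blanks and malformed rows."""
    cols = [c.strip() for c in line.split("|")]  # assumption: '|' separated
    if len(cols) != 7:
        return None
    try:
        priv, pub, dport, lat = (int(cols[i]) for i in (1, 2, 4, 6))
        flags = decode_state(cols[5])
    except ValueError:
        return None
    return {"src": cols[0], "priv_port": priv, "pub_port": pub,
            "dst": cols[3], "dst_port": dport, "flags": flags, "lat": lat}

def summarize(text):
    """Count translations per private host and list sessions stuck closing."""
    rows = [r for r in map(parse_line, text.splitlines()) if r]
    stuck = [r for r in rows
             if FIN_WAIT & set(r["flags"]) and r["lat"] > STUCK_AFTER_SEC]
    return {"total": len(rows),
            "per_src": dict(Counter(r["src"] for r in rows)),
            "stuck": stuck}

# Constructed sample rows (documentation addresses), not real BorderManager output.
SAMPLE = """\
SRC IP Address | Orig private Port | Translated public Port | Dest IP Address |Dest Port | State | LAT(Sec)
192.168.1.10 | 1034 | 55001 | 203.0.113.5 | 80 | 000010 | 12
192.168.1.10 | 1035 | 55002 | 203.0.113.5 | 80 | 010010 | 340
192.168.1.22 | 2001 | 55003 | 198.51.100.7 | 21 | 000001 | 3
not a table row
"""
```

Calling summarize() on the text of a real dump gives the total entry count, a per-host breakdown, and the rows worth a closer look.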

Donna S. Moyer

Jan 5, 2004, 7:09:36 PM
Thanks Caterina...that answers my question. Sysops are the greatest!!!!!