Nat44-ei cli reference

clear nat44 ei sessions

clear nat44 ei sessions
clear nat44 ei sessions

To clear all NAT44 sessions
 vpp# clear nat44 ei sessions

Declaration: nat44_ei_clear_sessions_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 2044

Implementation: nat44_ei_clear_sessions_command_fn

nat44 ei add address

nat44 ei add address <ip4-range-start> [- <ip4-range-end>] [tenant-vrf <vrf-id>] [del]
nat44 ei add address

Add/delete NAT44 pool address.
To add NAT44 pool address use:
 vpp# nat44 ei add address 172.16.1.3
 vpp# nat44 ei add address 172.16.2.2 - 172.16.2.24
To add NAT44 pool address for specific tenant (identified by VRF id) use:
 vpp# nat44 ei add address 172.16.1.3 tenant-vrf 10

Declaration: add_address_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1850

Implementation: add_address_command_fn

nat44 ei add identity mapping

nat44 ei add identity mapping <ip4-addr>|external <interface> [<protocol> <port>] [vrf <table-id>] [del]
nat44 ei add identity mapping

Identity mapping translate an IP address to itself.
To create identity mapping for address 10.0.0.3 port 6303 for TCP protocol
use:
 vpp# nat44 ei add identity mapping 10.0.0.3 tcp 6303
To create identity mapping for address 10.0.0.3 use:
 vpp# nat44 ei add identity mapping 10.0.0.3
To create identity mapping for DHCP addressed interface use:
 vpp# nat44 ei add identity mapping external GigabitEthernet0/a/0 tcp 3606

Declaration: add_identity_mapping_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1955

Implementation: add_identity_mapping_command_fn

nat44 ei add interface address

nat44 ei add interface address <interface> [del]
nat44 ei add interface address

Use NAT44 pool address from specific interfce
To add NAT44 pool address from specific interface use:
 vpp# nat44 ei add interface address GigabitEthernet0/8/0

Declaration: nat44_ei_add_interface_address_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1991

Implementation: nat44_ei_add_interface_address_command_fn

nat44 ei add static mapping

nat44 ei add static mapping tcp|udp|icmp local <addr> [<port|icmp-echo-id>] external <addr> [<port|icmp-echo-id>] [vrf <table-id>] [del]
nat44 ei add static mapping

Static mapping allows hosts on the external network to initiate connection
to to the local network host.
To create static mapping between local host address 10.0.0.3 port 6303 and
external address 4.4.4.4 port 3606 for TCP protocol use:
 vpp# nat44 ei add static mapping tcp local 10.0.0.3 6303 external 4.4.4.4
3606
If not runnig "static mapping only" NAT plugin mode use before:
 vpp# nat44 ei add address 4.4.4.4
To create address only static mapping between local and external address
use:
 vpp# nat44 ei add static mapping local 10.0.0.3 external 4.4.4.4
To create ICMP static mapping between local and external with ICMP echo
identifier 10 use:
 vpp# nat44 ei add static mapping icmp local 10.0.0.3 10 external 4.4.4.4 10

Declaration: add_static_mapping_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1934

Implementation: add_static_mapping_command_fn

nat44 ei addr-port-assignment-alg

nat44 ei addr-port-assignment-alg <alg-name> [<alg-params>]
nat44 ei addr-port-assignment-alg

Set address and port assignment algorithm
For the MAP-E CE limit port choice based on PSID use:
 vpp# nat44 ei addr-port-assignment-alg map-e psid 10 psid-offset 6 psid-len
6
For port range use:
 vpp# nat44 ei addr-port-assignment-alg port-range <start-port> - <end-port>
To set standard (default) address and port assignment algorithm use:
 vpp# nat44 ei addr-port-assignment-alg default

Declaration: nat44_ei_set_alloc_addr_and_port_alg_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1719

Implementation: nat44_ei_set_alloc_addr_and_port_alg_command_fn

nat44 ei del session

nat44 ei del session in|out <addr>:<port> tcp|udp|icmp [vrf <id>] [external-host <addr>:<port>]
nat44 ei del session

To administratively delete NAT44 session by inside address and port use:
 vpp# nat44 ei del session in 10.0.0.3:6303 tcp
To administratively delete NAT44 session by outside address and port use:
 vpp# nat44 ei del session out 1.0.0.3:6033 udp

Declaration: nat44_ei_del_session_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 2059

Implementation: nat44_ei_del_session_command_fn

nat44 ei del user

nat44 ei del user <addr> [fib <index>]
nat44 ei del user

To delete all NAT44 user sessions:
 vpp# nat44 ei del user 10.0.0.3

Declaration: nat44_ei_del_user_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 2031

Implementation: nat44_ei_del_user_command_fn

nat44 ei forwarding

nat44 ei forwarding enable|disable
nat44 ei forwarding

Enable or disable forwarding
Forward packets which don't match existing translation
or static mapping instead of dropping them.
To enable forwarding, use:
 vpp# nat44 ei forwarding enable
To disable forwarding, use:
 vpp# nat44 ei forwarding disable

Declaration: nat44_ei_forwarding_set_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 2078

Implementation: nat44_ei_forwarding_set_command_fn

nat44 ei ha failover

nat44 ei ha failover <ip4-address>:<port> [refresh-interval <sec>]
nat44 ei ha failover

Set HA failover (remote settings)

Declaration: nat_ha_failover_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1771

Implementation: nat_ha_failover_command_fn

nat44 ei ha flush

nat44 ei ha flush
nat44 ei ha flush

Flush the current HA data (for testing)

Declaration: nat_ha_flush_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1809

Implementation: nat_ha_flush_command_fn

nat44 ei ha listener

nat44 ei ha listener <ip4-address>:<port> [path-mtu <path-mtu>]
nat44 ei ha listener

Set HA listener (local settings)

Declaration: nat_ha_listener_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1784

Implementation: nat_ha_listener_command_fn

nat44 ei ha resync

nat44 ei ha resync
nat44 ei ha resync

Resync HA (resend existing sessions to new failover)

Declaration: nat_ha_resync_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1821

Implementation: nat_ha_resync_command_fn

nat44 ei ipfix logging

nat44 ei ipfix logging <enable [domain <domain-id>] [src-port <port>]>|disable
snat44 ei ipfix logging

To enable NAT IPFIX logging use:
 vpp# nat44 ei ipfix logging
To set IPFIX exporter use:
 vpp# set ipfix exporter collector 10.10.10.3 src 10.10.10.1

Declaration: nat44_ei_ipfix_logging_enable_disable_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1699

Implementation: nat44_ei_ipfix_logging_enable_disable_command_fn

nat44 ei mss-clamping

nat44 ei mss-clamping <mss-value>|disable
nat44 ei mss-clamping

Set TCP MSS rewriting configuration
To enable TCP MSS rewriting use:
 vpp# nat44 ei mss-clamping 1452
To disbale TCP MSS rewriting use:
 vpp# nat44 ei mss-clamping disable

Declaration: nat_set_mss_clamping_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1747

Implementation: nat_set_mss_clamping_command_fn

nat44 ei plugin

nat44 ei plugin <enable [sessions <max-number>] [users <max-number>] [static-mappig-only [connection-tracking]|out2in-dpo] [inside-vrf <vrf-id>] [outside-vrf <vrf-id>] [user-sessions <max-number>]>|disable
nat44 ei

Enable nat44 ei plugin
To enable nat44-ei, use:
 vpp# nat44 ei plugin enable
To disable nat44-ei, use:
 vpp# nat44 ei plugin disable
To enable nat44 ei static mapping only, use:
 vpp# nat44 ei plugin enable static-mapping
To enable nat44 ei static mapping with connection tracking, use:
 vpp# nat44 ei plugin enable static-mapping connection-tracking
To enable nat44 ei out2in dpo, use:
 vpp# nat44 ei plugin enable out2in-dpo
To set inside-vrf outside-vrf, use:
 vpp# nat44 ei plugin enable inside-vrf <id> outside-vrf <id>

Declaration: nat44_ei_enable_disable_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1605

Implementation: nat44_ei_enable_disable_command_fn

nat44 ei set logging level

nat44 ei set logging level <level>
nat44 ei set logging level

To set NAT logging level use:
Set nat44 ei logging level

Declaration: nat44_ei_set_log_level_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1684

Implementation: nat44_ei_set_log_level_command_fn

set interface nat44 ei

set interface nat44 ei in <intfc> out <intfc> [output-feature] [del]
set interface nat44

Enable/disable NAT44 feature on the interface.
To enable NAT44 feature with local network interface use:
 vpp# set interface nat44 ei in GigabitEthernet0/8/0
To enable NAT44 feature with external network interface use:
 vpp# set interface nat44 ei out GigabitEthernet0/a/0

Declaration: set_interface_nat44_ei_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1891

Implementation: nat44_ei_feature_command_fn

set nat44 ei timeout

set nat44 ei timeout [udp <sec> | tcp-established <sec> tcp-transitory <sec> | icmp <sec> | reset]
set nat44 ei timeout

Set values of timeouts for NAT sessions (in seconds), use:
 vpp# set nat44 ei timeout udp 120 tcp-established 7500 tcp-transitory 250
icmp 90
To reset default values use:
 vpp# set nat44 ei timeout reset

Declaration: set_timeout_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1653

Implementation: set_timeout_command_fn

set nat44 ei workers

set nat44 ei workers <workers-list>
set snat44 ei workers

Set NAT workers if 2 or more workers available, use:
 vpp# set snat44 ei workers 0-2,5

Declaration: set_workers_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1621

Implementation: set_workers_command_fn

show nat44 ei addr-port-assignment-alg

show nat44 ei addr-port-assignment-alg
show nat44 ei addr-port-assignment-alg

Show address and port assignment algorithm

Declaration: nat44_ei_show_alloc_addr_and_port_alg_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1731

Implementation: nat44_ei_show_alloc_addr_and_port_alg_command_fn

show nat44 ei addresses

show nat44 ei addresses
show nat44 ei addresses

Show NAT44 pool addresses.
vpp# show nat44 ei addresses
NAT44 pool addresses:
172.16.2.2
  tenant VRF independent
  10 busy udp ports
  0 busy tcp ports
  0 busy icmp ports
172.16.1.3
  tenant VRF: 10
  0 busy udp ports
  2 busy tcp ports
  0 busy icmp ports

Declaration: nat44_ei_show_addresses_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1875

Implementation: nat44_ei_show_addresses_command_fn

show nat44 ei ha

show nat44 ei ha
show nat44 ei ha

Show HA configuration/status

Declaration: nat_show_ha_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1797

Implementation: nat_show_ha_command_fn

show nat44 ei hash tables

show nat44 ei hash tables [detail|verbose]
show nat44 ei hash tables

Show NAT44 hash tables

Declaration: nat44_ei_show_hash src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1833

Implementation: nat44_ei_show_hash_command_fn

show nat44 ei interface address

show nat44 ei interface address
show nat44 ei interface address

Show NAT44 pool address interfaces
vpp# show nat44 ei interface address
NAT44 pool address interfaces:
 GigabitEthernet0/a/0

Declaration: nat44_ei_show_interface_address_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 2006

Implementation: nat44_ei_show_interface_address_command_fn

show nat44 ei interfaces

show nat44 ei interfaces
show nat44 ei interfaces

Show interfaces with NAT44 feature.
vpp# show nat44 ei interfaces
NAT44 interfaces:
 GigabitEthernet0/8/0 in
 GigabitEthernet0/a/0 out

Declaration: nat44_ei_show_interfaces_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1909

Implementation: nat44_ei_show_interfaces_command_fn

show nat44 ei mss-clamping

show nat44 ei mss-clamping
show nat44 ei mss-clamping

Show TCP MSS rewriting configuration

Declaration: nat_show_mss_clamping_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1759

Implementation: nat_show_mss_clamping_command_fn

show nat44 ei sessions

show nat44 ei sessions [detail] [filter saddr <ip>]
show nat44 ei sessions

Show NAT44 sessions.

Declaration: nat44_ei_show_sessions_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 2018

Implementation: nat44_ei_show_sessions_command_fn

show nat44 ei static mappings

show nat44 ei static mappings
show nat44 ei static mappings

Show NAT44 static mappings.
vpp# show nat44 ei static mappings
NAT44 static mappings:
 local 10.0.0.3 external 4.4.4.4 vrf 0
 tcp local 192.168.0.4:6303 external 4.4.4.3:3606 vrf 0
 tcp vrf 0 external 1.2.3.4:80
  local 10.100.10.10:8080 probability 80
  local 10.100.10.20:8080 probability 20
 tcp local 10.0.0.10:3603 external GigabitEthernet0/a/0:6306 vrf 10

Declaration: nat44_ei_show_static_mappings_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1977

Implementation: nat44_ei_show_static_mappings_command_fn

show nat44 ei timeouts

show nat44 ei timeouts
show nat44 ei timeouts

Show values of timeouts for NAT sessions.
vpp# show nat44 ei timeouts
udp timeout: 300sec
tcp-established timeout: 7440sec
tcp-transitory timeout: 240sec
icmp timeout: 60sec

Declaration: nat_show_timeouts_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1671

Implementation: nat_show_timeouts_command_fn

show nat44 ei workers

show nat44 ei workers
show nat44 ei workers

Show NAT workers.
 vpp# show nat44 ei workers:
 2 workers
   vpp_wk_0
   vpp_wk_1

Declaration: nat_show_workers_command src/plugins/nat/nat44-ei/nat44_ei_cli.c line 1637

Implementation: nat_show_workers_command_fn