- Table of Contents
-
- 05-Layer 3 - IP Services Command Reference
- 00-Preface
- 01-ARP Commands
- 02-IP Addressing Commands
- 03-DHCP Commands
- 04-DNS Commands
- 05-NAT Commands
- 06-IP Performance Optimization Commands
- 07-Adjacency Table Commands
- 08-UDP Helper Commands
- 09-IPv6 Basics Commands
- 10-DHCPv6 Commands
- 11-IPv6 DNS Commands
- 12-NAT-PT Commands
- 13-Tunneling Commands
- 14-GRE Commands
- Related Documents
-
Title | Size | Download |
---|---|---|
12-NAT-PT Commands | 110.82 KB |
|
NOTE: SPE cards in this document refer to cards prefixed with SPE such as SPE-1020-E-II. Only the cards SPE-1010-II, SPE-1010-E-II, SPE-1020-II, and SPE-1020-E-II support NAT service interface configuration. |
display natpt address-group
Syntax
display natpt address-group [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display natpt address-group command to display the NAT-PT address pool configuration information.
Examples
# Display the NAT-PT address pool configuration information.
<Sysname> display natpt address-group
IPv4 Address Pool Information:
1 : from 1.1.1.1 to 1.1.1.4
Table 1 Output description
Field |
Description |
1 |
Address pool number |
from 1.1.1.1 |
Start IP address in an address pool |
to 1.1.1.4 |
End IP address in an address pool |
display natpt address-mapping
Syntax
display natpt address-mapping [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display natpt address-mapping command to display the static and dynamic NAT-PT address mappings.
The displayed information does not include the information about port translation through the NAPT-PT mechanism.
Examples
# Display the static and dynamic NAT-PT address mappings.
<Sysname> display natpt address-mapping
Address Mappings (V6toV4):
IPv4 Address IPv6 Address Type
1.1.1.1 3001::0001 SOURCE
2.2.2.2 3001::0002 DESTINATION
V6Server static mapping:
IPv4Address IPv6 Address Pro
1.1.1.1^ 6 3001::0003^ 1270 TCP
Table 2 Output description
Field |
Description |
Address Mappings (V6toV4) |
Static and dynamic IPv4/IPv6 address mapping on the IPv6 side. |
IPv4 Address |
IPv4 address. |
IPv6 Address |
IPv6 address. |
Type |
Type of the mapping: · SOURCE—Mapping created according to the configuration on the IPv6 side · DESTINATION—Mapping created according to the configuration on the IPv4 side |
V6Server static mapping |
Displays the NAT-PT mapping of an IPv6 server. |
IPv4Address |
IPv4 address and port number. |
IPv6 Address |
Corresponding IPv6 address and port number. |
Pro |
Protocol type. |
display natpt all
Syntax
display natpt all [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display natpt all command to display all NAT-PT configuration information.
Examples
# Display all NAT-PT configuration information.
<Sysname> display natpt all
IPv4 Address Pool Information:
No Address Group Present
Address Mappings (V6toV4):
IPv4 Address IPv6 Address Type
V6Server static mapping:
IPv4Address IPv6 Address Pro
No DPAT Mappings Present
V4toV6 Information:
No V4 Access Records Present
V6toV4 Information:
No V6 Access Records Present
Prefix Information:
Prefix Interface NextHop
No Prefix Configured
Statistics:
Total Sessions: 0
Expired Sessions: 0
Hits: 0
Misses: 0
Total Address Mappings: 0 (static: 0 dynamic: 0 )
Total V6Server Mappings: 0
Enabled Interfaces:
NONE
For the description of the output, see related commands.
display natpt statistics
Syntax
display natpt statistics [ slot slot-number ] [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
slot slot-number: Displays the NAT-PT statistics information of the card in a specific slot.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display natpt statistics command to display NAT-PT statistics information.
The statistics information does not include information about port translation through NAPT-PT mechanism.
Related commands: reset natpt statistics.
Examples
# Display NAT-PT statistics information.
<Sysname> display natpt statistics
Statistics:
Total Sessions: 0
Expired Sessions: 0
Hits: 0
Misses: 0
Total Address Mappings: 0 (static: 0 dynamic: 0 )
Total V6Server Mappings: 0
Enabled Interfaces:
NONE
Table 3 Output description
Field |
Description |
Total Sessions |
Total number of sessions |
Expired Sessions |
Number of expired sessions |
Hits |
Number of times that a packet matches a NAT-PT session |
Misses |
Number of times that a packet matches no NAT-PT sessions |
Total Fragment Sessions |
Total number of active fragment sessions |
Expired Fragment Sessions |
Number of expired fragment sessions |
Fragment Hits |
Number of successful fragment sessions |
Fragment Misses |
Number of unsuccessful fragment sessions |
Total Address Mapping |
Number of static and dynamic mappings |
Total V6Server Mappings |
Number of V6Server mappings (address/port mappings) |
Enable Interfaces |
NAT-PT enabled interfaces |
natpt address-group
Syntax
natpt address-group group-number start-ipv4-address end-ipv4-address
undo natpt address-group group-number
View
System view
Default level
2: System level
Parameters
group-number: Number of an address pool, in the range of 1 to 32.
start-ipv4-address: Start IPv4 address in a pool.
end-ipv4-address: End IPv4 address in a pool.
Description
Use the natpt address-group command to configure a NAT-PT address pool.
Use the undo natpt address-group command to remove the specified NAT-PT address pool.
Note that:
· If start-ipv4-address equals end-ipv4-address, only one address is available in the address pool.
· The execution of the undo natpt address-group command may affect some dynamic NAT-PT mappings.
· A NAT-PT address pool and an IPv4 NAT address pool do not share any address.
Related commands: display natpt address-group.
Examples
# Configure a NAT-PT address pool.
<Sysname> system-view
[Sysname] natpt address-group 3 2.3.4.5 2.3.4.10
natpt enable
Syntax
natpt enable
undo natpt enable
View
Interface view
Default level
2: System level
Parameters
None
Description
Use the natpt enable command to enable the NAT-PT feature on an interface.
Use the undo natpt enable command to disable the NAT-PT feature on an interface.
By default, the NAT-PT feature is disabled on an interface. That is, no NAT-PT is implemented for packets received or sent on the interface.
Only the SPE card supports this feature.
Examples
# Enable the NAT-PT feature on an interface.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/1/1
[Sysname-GigabitEthernet2/1/1] natpt enable
natpt prefix
Syntax
natpt prefix natpt-prefix
undo natpt prefix natpt-prefix
View
NAT service interface view
Default level
2: System level
Parameters
natpt-prefix: Prefix of an IPv6 address, 96 bits in length.
Description
Use the natpt prefix command to configure a NAT-PT prefix.
Use the undo natpt prefix command to remove the configured NAT-PT prefix.
Note that:
· A NAT-PT prefix must be different from the IPv6 address prefix of a local interface. Otherwise, incoming packets matching the prefix will get lost due to NAT-PT translation.
· To delete a NAT-PT prefix that has been referenced by using the natpt v4bound dynamic or natpt v6bound dynamic command, you must cancel the referenced configuration first.
· The execution of the undo natpt prefix command may affect the translation of some mappings. Therefore, use this command with caution.
Examples
# Configure a NAT-PT prefix.
<Sysname> system-view
[Sysname] interface NAT 1/0/1
[Sysname-NAT1/0/1] natpt prefix 2001::
natpt turn-off tos
Syntax
natpt turn-off tos
undo natpt turn-off tos
View
System view
Default level
2: System level
Parameters
None
Description
Use the natpt turn-off tos command to set the ToS field in an IPv4 packet translated from an IPv6 packet to 0.
Use the undo natpt turn-off tos command to restore the default.
By default, the value of the ToS field in an IPv4 packet translated from an IPv6 packet is the same as that of the Traffic Class field in the IPv6 packet.
Examples
# Set the ToS field in an IPv4 packet translated from an IPv6 packet to 0.
<Sysname> system-view
[Sysname] natpt turn-off tos
natpt turn-off traffic-class
Syntax
natpt turn-off traffic-class
undo natpt turn-off traffic-class
View
System view
Default level
2: System level
Parameters
None
Description
Use the natpt turn-off traffic-class command to set the Traffic Class field in an IPv6 packet translated from an IPv4 packet to 0.
Use the undo natpt turn-off traffic-class command to restore the default.
By default, the value of the Traffic Class field in an IPv6 packet translated from an IPv4 packet is the same as that of the ToS field in the IPv4 packet.
Examples
# Set the Traffic Class field in an IPv6 packet translated from an IPv4 packet to 0.
<Sysname> system-view
[Sysname] natpt turn-off traffic-class
natpt v4bound dynamic
Syntax
natpt v4bound dynamic acl number acl-number prefix natpt-prefix
undo natpt v4bound dynamic acl number acl-number
View
NAT service interface view
Default level
2: System level
Parameters
acl number acl-number: Specifies the IPv4 access control list (ACL) number, in the range of 2000 to 2999.
prefix natpt-prefix: Specifies the NAT-PT prefix, which is 96 bits in length.
Description
Use the natpt v4bound dynamic command to configure a dynamic source address mapping policy for packets from IPv4 hosts to IPv6 hosts by associating an ACL with a NAT-PT prefix.
Use the undo natpt v4bound dynamic command to remove the dynamic mapping.
|
CAUTION: Before configuring a dynamic IPv4/IPv6 address mapping, you must use the natpt prefix command to specify the NAT-PT prefix for the natpt v6bound dynamic command. |
Related commands: display natpt address-mapping.
Examples
# Use ACL 2000 to match IPv4 packets and add the NAT-PT prefix 2001:: to translate the source IPv4 address into an IPv6 address.
<Sysname> system-view
[Sysname] interface NAT 1/0/1
[Sysname-NAT1/0/1] natpt prefix 2001::
[Sysname-NAT1/0/1] natpt v4bound dynamic acl number 2000 prefix 2001::
natpt v4bound static
Syntax
natpt v4bound static ipv4-address ipv6-address
undo natpt v4bound static ipv4-address ipv6-address
View
NAT service interface view
Default level
2: System level
Parameters
ipv4-address: IPv4 address to be mapped.
ipv6-address: IPv6 address to which an IPv4 address is mapped.
Description
Use the natpt v4bound static command to configure a static IPv4/IPv6 address mapping on the IPv4 side.
Use the undo natpt v4bound static command to remove a static IPv4/IPv6 address mapping on the IPv4 side.
The ipv6-address prefix should be contained in the configured NAT-PT prefix.
Related commands: display natpt address-mapping.
Examples
# Configure the static mapping between the IPv4 address 2.3.4.9 and the IPv6 address 2001::1 on the IPv4 side.
<Sysname> system-view
[Sysname] interface NAT 1/0/1
[Sysname-NAT1/0/1] natpt v4bound static 2.3.4.9 2001::1
natpt v4bound static v6server
Syntax
natpt v4bound static v6server protocol protocol-type ipv4-address-destination ipv4-port-number ipv6-address-destination ipv6-port-number
undo natpt v4bound static v6server protocol protocol-type ipv4-address-destination ipv4-port-number ipv6-address-destination ipv6-port-number
View
NAT service interface view
Default level
2: System level
Parameters
protocol protocol-type: Specifies the protocol type. The protocol-type argument can be:
· tcp: Specifies the TCP protocol.
· udp: Specifies the UDP protocol.
ipv4-address-destination: IPv4 address to which an IPv6 address is mapped.
ipv4-port-number: IPv4 port number, in the range of 1 to 12287.
ipv6-address-destination: Destination IPv6 address to be mapped.
ipv6-port-number: IPv6 port number, in the range of 1 to 12287.
Description
Use the natpt v4bound static v6server command to configure a static NAPT-PT mapping for an IPv6 server.
Use the undo natpt v4bound static v6server command to remove a static NAPT-PT mapping for an IPv6 server.
Related commands: display natpt address-mapping.
Examples
# Configure a static NAPT-PT mapping for an IPV6 server, in which the protocol type is TCP, the IPv4 address and port number are 2.3.4.5 and 80 respectively, and the IPv6 address and port number are 2001::1 and 80 respectively.
<Sysname> system-view
[Sysname] interface NAT 1/0/1
[Sysname-NAT1/0/1] natpt v4bound static v6server protocol tcp 2.3.4.5 80 2001::1 80
natpt v6bound dynamic
Syntax
natpt v6bound dynamic { acl6 number acl6-number | prefix natpt-prefix } { address-group address-group [ no-pat ] | interface interface-type interface-number }
undo natpt v6bound dynamic { acl6 number acl6-number | prefix natpt-prefix }
View
System view, NAT service interface view
Default level
2: System level
Parameters
acl6 number acl6-number: Specifies the IPv6 ACL number. If the source IPv6 address of a packet sent from an IPv6 network to an IPv4 network matches this IPv6 ACL, the source IPv6 address is translated based on the command. The IPv6 ACL number ranges 2000 to 2999.
prefix natpt-prefix: Specifies the NAT-PT prefix. If the destination IPv6 address of a packet sent from an IPv6 network to an IPv4 network is in this NAT-PT prefix, the source IPv6 address is translated based on the command. The NAT-PT prefix is 96 bits in length.
address-group address-group: Specifies the number of the IPv4 address pool for the translation of the source IPv6 address. The IPv4 address pool number is in the range of 1 to 32.
no-pat: Specifies no port address translation. If the no-pat keyword is not provided, port address translation will be performed.
interface interface-type interface-number: Specifies the IPv4 address of the interface as the translated source address. interface-type interface-number specifies the interface type and number.
Description
Use the natpt v6bound dynamic command to configure a dynamic source address mapping policy for packets from IPv6 hosts to IPv4 hosts.
Use the undo natpt v6bound dynamic command to remove the dynamic mapping.
Related commands: display natpt address-mapping.
Examples
# Translate the source address of an IPv6 packet that matches IPv6 ACL 2001 into an IPv4 address in address pool 1.
<Sysname> system-view
[Sysname] natpt address-group 1 2.3.4.5 2.3.4.10
[Sysname] interface NAT 1/0/1
[Sysname-NAT1/0/1] natpt v6bound dynamic acl6 number 2001 address-group 1
natpt v6bound static
Syntax
natpt v6bound static ipv6-address ipv4-address
undo natpt v6bound static ipv6-address ipv4-address
View
NAT service interface view
Default level
2: System level
Parameters
ipv6-address: IPv6 address to be mapped.
ipv4-address: IPv4 address to which an IPv6 address is mapped.
Description
Use the natpt v6bound static command to configure a static IPv4/IPv6 address mapping on the IPv6 side.
Use the undo natpt v6bound static command to remove a static IPv4/IPv6 address mapping on the IPv6 side.
Related commands: display natpt address-mapping.
Examples
# Configure the static mapping between the IPv6 address 2001::1 and the IPv4 address 2.3.4.5 on the IPv6 side.
<Sysname> system-view
[Sysname] interface NAT 1/0/1
[Sysname-NAT1/0/1] natpt v6bound static 2001::1 2.3.4.5
reset natpt statistics
Syntax
reset natpt statistics [ slot slot-number ]
View
User view
Default level
1: Monitor level
Parameters
slot slot-number: Clears the NAT-PT statistics information of the card in a specific slot.
Description
Use the reset natpt statistics command to clear all NAT-PT statistics information.
Related commands: display natpt statistics.
Examples
# Clear all NAT-PT statistics information.
<Sysname> reset natpt statistics