[c-nsp] ASR9006 - CG NAT - VSM-500

Pshem Kowalczyk pshem.k at gmail.com
Wed Dec 16 15:11:08 EST 2015 

Just a wild guess here, but I suspect you might be seeing the source port
on your public IP, not the destination port in the CLI (despite the fact it
calls it 'destination port').

kind regards
Pshem


On Thu, 17 Dec 2015 at 04:23 Aaron <aaron1 at gvtc.com> wrote:

> Syslogging for CGNat is turning up some interesting destination port
> numbers...I haven't been able to figure out the correlation.  Please let me
> know if you understand how to convert what IOS XR shows, and what syslog
> shows...  it seems that syslog is accurate and IOS XR is formatting the
> number strangely.  2 examples comparing syslog trap to ios xr output shown
> below.  Everything seems to match EXCEPT that destination port number.
>
> Aaron
>
>
> **************************************************************************************
> EXAMPLE 1 - i'm tring to figure out how destination port 23 somehow is
> shown as 5888
>
> **************************************************************************************
>
> Syslog trap...
>
> 1 2015 Dec 16 14:48:28 - - NAT44 - [SessionbasedAD 6 10.144.0.11 six -
> 123.234.123.49 49289 6437 - 66.195.95.174 23 ]
>
> IOS XR...
>
> RP/0/RSP0/CPU0:eng-lab-9k-1#sh cgn nat44 nat1 session protocol tcp
> inside-vrf six inside-address 10.144.0.11 port 49289
> Wed Dec 16 08:49:09.010 CST
> ------------------------------------------------------
> NAT44 instance : nat1
> ------------------------------------------------------
> Outside Address     : 123.234.123.49
> Outside Port        : 6437
> Translation Type    : dynamic
> Protocol            : tcp
> ------------------------------------------------------
>   Destination Address       Destination Port
> ------------------------------------------------------
>   66.195.95.174             5888
>
>
> **************************************************************************************
> EXAMPLE 2 - i'm tring to figure out how destination port 80 somehow is
> shown as 20480
>
> **************************************************************************************
>
> Syslog trap...
>
> 1 2015 Dec 16 14:48:39 - - NAT44 - [SessionbasedAD 6 10.144.0.11 six -
> 123.234.123.49 49290 19520 - 74.125.138.155 80 ]
>
>
> IOS XR...
>
> RP/0/RSP0/CPU0:eng-lab-9k-1#sh cgn nat44 nat1 session protocol tcp
> inside-vrf six inside-address 10.144.0.11 port 49290
> Wed Dec 16 09:19:38.434 CST
> ------------------------------------------------------
> NAT44 instance : nat1
> ------------------------------------------------------
> Outside Address     : 123.234.123.49
> Outside Port        : 19520
> Translation Type    : dynamic
> Protocol            : tcp
> ------------------------------------------------------
>   Destination Address       Destination Port
> ------------------------------------------------------
>   74.125.138.155            20480
> RP/0/RSP0/CPU0:eng-lab-9k-1#
>
>
> Aaron
>
>
>

More information about the cisco-nsp mailing list