[j-nsp] NAT
Kevin Oberman
oberman at es.net
Sat Mar 27 21:57:56 EDT 2010
> From: Ibariouen Khalid <ibariouen.khalid at ericsson.com>
> Date: Fri, 26 Mar 2010 22:36:39 +0100
> Sender: juniper-nsp-bounces at puck.nether.net
>
> Hi all
> Can someone tell me what does "no nat vector means" exactelly :
>
>
> GFW01(M)-> get counter statistics interface ethernet1/3
> Hardware counters for interface ethernet1/3:
> in bytes 201903417 | out bytes 2103176764 | early frame 0
> in packets 2949387186 | out packets 2468188341 | late frame 0
> in no buffer 0 | out no buffer 0 | re-xmt limit 0
> in overrun 63 | out underrun 0 | drop vlan 0
> address spoof 0 | in icmp 164486382 | no nat vector 1977
>
>
> in some document No nat vector Indicates the number of packets dropped
> because the Network Address Translation (NAT) connection was
> unavailable for the gate.
>
>
> But it's not clear for me ? 4 Public ip addresses are enought for
> 61973 sessions .
I believe it may be a count of packets received for which the router has
no NAT translation. I believe that this is a packet that the router
has no NAT translation to send it to. E.g. A packet arrives from a
when no outgoing traffic has established a destination nor is there a
pre-configured destination, The router has no place to forward the
packet, do it is counted and dropped.
A wide assortment of common network scans would result in this event.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
More information about the juniper-nsp
mailing list