Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

show services nat pool

Syntax

Description

Display information about Network Address Translation (NAT) pools.

Note:

On MS-MPCs and MS-MICs, if the line cards receive a packet immediately after the active port block timeout interval has expired, a new port block is allocated and the old port block is released thereafter (if no more ports are being used from that block). In such a scenario, you might notice that the Max number of port blocks used field displays a higher value than the value shown for the Unique pool users field in the output of the show services nat pool detail command. This behavior is expected with port block allocation.

With MS-MPCs and MS-MICs, in the output of the show services nat pool detail command, the Max ports used and the Ports in use fields display values that indicate a higher number than the number of active subscribers on the member interfaces of an ams interface. This behavior of an increased value displayed for the number of ports allocated and maximum number of ports used is expected after you perform a Graceful Routing Engine switchover (GRES) and a restart of the MPC.

With MS-MPCs and MS-MICs on MX Series routers with AMS interfaces, it is observed that the subscriber and port count details are displayed only after a long time in the output of the show services nat pool detail command. This behavior is expected with NAT pool counters and occurs, regardless of port block allocation being configured.

Options

none

Display standard information about all NAT pools.

brief | detail

(Optional) Display the specified level of output.

pool-name

(Optional) Display information about the specified NAT pool.

pgcp

(Optional) Display information about a NAT pool that is exclusive to the BGF.

ports-per-session

(Optional) Display the number of ports allocated per session from the NAT pool.

remotely-controlled

(Optional) Display if the NAT pool is explicitly specified by the gateway controller.

Required Privilege Level

view

Output Fields

Table 1 lists the output fields for the show services nat pool command. Output fields are listed in the approximate order in which they appear.

Table 1: show services nat pool Output Fields

Field Name

Field Description

Level of Output

Interface

Name of an adaptive services interface.

All levels

Service set

Name of a service set. Individual empty service sets are not displayed, but if none of the service sets has any flows, a flow table header is printed for each service set.

All levels

NAT pool

Name of the Network Address Translation pool.

All levels

Type or Translation type

Address translation type: basic-nat-pt, Y, Y, Y, Y, Y, Y, Y, Y, Y, Y, Y, Y.

All levels

Address or Address range

IPv4 address range of the pool.

All levels

Port or Port range

Port range of the pool. Applicable only for dynamic NAT pools. Not displayed for static NAT pools.

All levels

Ports used or Ports in use

Number of ports allocated in this pool with this name. Applicable only for dynamic NAT pools. Not displayed for static NAT pools.

All levels

Port block type

Type of port block allocation: secured or deterministic

All levels

Available addresses

Number of free addresses in the NAT pool.

detail

Configured port range

The range of ports configured to be used for NAT pool.

detail

Out of port errors

Number of port allocation errors. Applicable only for dynamic NAT pools. Not displayed for static NAT pools.

detail

Parity port errors

Number of port allocations that failed because a port number of the desired parity was not available.

detail

Preserve Range errors

Number of port allocations that failed because a port in the desired range was not available.

detail

Max ports used

Maximum number of ports used. Applicable only for dynamic NAT pools. Not displayed for static NAT pools.

detail

Addresses in use

Number of addresses in use for dynamic source address NAT pools.

detail

AP-P port allocation errors

When address pooling paired (AP-P) is configured, a private IP is paired to a public IP. This is a counter of translation errors where there are free ports available in the NAT pool, but none for the NAT IP to which the private IP is paired.

detail

AP-P port limit allocation errors

When AP-P is configured, this is a counter of out-of-port errors that are due to a configured limit for the number of allocated ports in the limit-ports-per-address statement at the [edit services nat pool nat-pool-name] hierarchy level.

detail

Memory allocation errors

Number of memory allocation failures.

detail

EIF Inbound session count

Current number of EIF inbound sessions.

detail

EIF Inbound session Limit exceeded drops

Number of inbound connections that were dropped because the EIF limit was exceeded.

detail

Port block size

Number of ports in a port block.

none

brief

Max port blocks per address

Maximum number of port blocks per private address.

none

brief

Active block timeout

Activity timeout of port block.

none

brief

Effective port range

Effective range of port numbers.

none

brief

Effective number of port blocks

Effective number of port blocks.

none

brief

Effective number of ports

Effective number of ports.

none

brief

Port block efficiency

Port block efficiency.

none

brief

Port blocks limit exceeded errors

The total number of times when a request for more than the allowed port blocks allocated for a user arrives from a user.

All levels

Preserve range enabled

Whether the capability to preserve the privileged port range after translation is enabled. One of the following is displayed:

  • Is active—Preservation of port range is enabled.

  • Not active—Preservation of port range is not enabled.

detail

AP-P out of port errors

When AP-P is configured, a private IP is paired to a public IP. This is a counter of translation errors where there are free ports available in the NAT pool, but none for the NAT IP to which the private IP is paired.

detail

MAX number of port blocks used

The maximum number of port blocks used.

All levels

Current number of port blocks in use

Current count of the port blocks that are being used.

detail

Port block allocation errors

The consolidated number of port block allocation errors.

All levels

Port block memory allocation errors

The number of memory allocation errors for port blocks.

All levels

DetNat subscriber exceeded port limits

The number of times a subscriber exceeded its port limits for a NAT pool that uses deterministic port block allocation.

All levels

Unique pool users

The number of different users of the NAT pools.

All levels

Current EIF Inbound flows count

Current count of EIF inbound flows, including all EIF flows per pool.

detail

EIF flow limit exceeded drops

Current number of flow drops due to exceeded flow limit. This number is per pool, not per EIF mapping.

detail

Sample Output

show services nat pool brief

show services nat pool detail

show services nat pool (Secured Port Block Allocation)

show services nat pool detail (Deterministic Port Block Allocation)

show services nat pool (Deterministic Port Block Allocation)

show services nat pool detail (Port Block Allocation)

Release Information

Command introduced before Junos OS Release 7.4.

pgcp option added in Junos OS Release 8.5.