Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

show security nat source port-block

Syntax

Description

Display the port blocks allocated by the host.

Options

pool-name

Display the PBA port block table for the specified source pool.

host ip address

Display the PBA port block table based on the host IP address.

xlated ip address

Display the PBA port block table based on the translated IP address.

xlated-port

Display the PBA port block table based on the translated IP address and the translated port information.

root-logical-system

Display the PBA port block table for the primary (root) logical system.

logical-system (lsys-name | all)

Display information about the specified logical system source NAT pools or all logical system source NAT pools.

Required Privilege Level

view

Output Fields

Table 1 lists the output fields for the show security nat source port-block command. Output fields are listed in the approximate order in which they appear.

Table 1: show security nat source port-block Output Fields

Field Name

Field Description

Pool name

Name of pool.

Port-overloading-factor

Factor of port overloading for the source pool.

Port block size

Number of ports that a port block contains.

Max port blocks per host

Maximum number of blocks that one host can use for translation.

Port block active timeout

Longest duration that a block remains active for port allocation.

Used/total port blocks

Current number of used ports and the total number of ports in this source pool.

Host IP

Address of the host IP.

External IP

Address of an external IP.

Port_Block Range

Port range of one PBA port block entry from the lowest to the highest port number that can be allowed to allocate ports for this block.

Ports_Used/Ports_Total

Current number of used ports and total number of ports in this source pool.

Block_State/Left_Time(s)

PBA port block entry state for NAT port allocation, including Active, Inactive, Query, and the time left for a port block that is in the Active state or Query state.

  • Active—When an internal subscriber initiates a NAT request, a port block is allocated from the pool, and the status is set to Active. When there is a subsequent request from the same subscriber, a port is allocated from the existing Active block.

  • Inactive—When there is a request from an internal subscriber who has previously had a port allocated from this port block, but the time on the Active port block has expired or the ports are used up, the port block status changes from Active to Inactive.

  • InactiveB—When a chassis cluster is in active/passive mode, and a port block is created on the active node, the status for the synced port block on the backup node is InactiveB.

  • Query—When no ports are used in an Active port block, the status changes from Active to Query.

Last active block recycle timeout

Amount of time before the last active block is released when active-port-block-timeout is set to zero.

Sample Output

show security nat source port-block

Sample Output

show security nat source port-block (SRX Series devices)

show services nat source port-block (MX-SPC3)

Release Information

Command introduced in Junos OS Release 12.1X47-D10. The Last active block recycle timeout output field added in Junos OS Release 15.1X49-D60.