R2511-HP MSR Router Series Layer 3 - IP Services Configuration Guide(V5)
128
Ste
p
Command
Remarks
2. Enable NAT logging.
nat log enable [ acl acl-number ]
Disabled by default.
3. Enable NAT logging.
• Enable logging of NAT
session establishment events:
nat log flow-begin
• Enable logging for active
NAT sessions and set the
logging interval:
nat log flow-active minutes
Use either command.
By default:
• No log is generated when a NAT
session is established.
• Logging for active NAT sessions is
disabled.
Exporting NAT logs
NAT logs can be exported to either the information center or the log server:
• To the information center—NAT logs are converted into system logs and exported to the local
device's information center. Depending on the configuration of the information center, NAT logs are
then exported to their final destination. Up to 10 NAT logs can be exported to the information
center at one time.
• To the log server—NAT logs are encapsulated into UDP packets and sent to the log server, as
shown in Figure 56. T
he output NAT logs can be in several versions, each with a different UDP
packet format. Only version 1 is used. A UDP packet is composed of a header and one or more
NAT logs.
Figure 56 Exporting NAT logs to the NAT log server
If you configure both destinations, the system automatically exports NAT logs to the information center.
Exporting NAT logs to the information center
Exporting NAT logs to the information center consumes storage space of the device. Use this approach
when the volume of NAT logs is relatively small.
NAT logs to the information center are prioritized as informational, meaning that they are ordinary
message information. For more information about NAT log priority, see Network Management and
Monitoring Configuration Guide.
To configure the device to export NAT logs to the information center:
Step Command Remarks
1. Enter system view.
system-view N/A
Internet
User
Device
generating NAT log
NAT logs
NAT logs
NAT log server