R0106-HP MSR Router Series Layer 3 - IP Services Configuration Guide(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

131

132

133

134

135

136

137

138

139

140

127

• A NAT session is removed when you add configuration with higher priority, remove configuration,

change ACLs, and when a NAT session ages out or a NAT session is deleted.

• Active NAT flows exist. When the interval for logging active NAT flows is reached, the NAT session

is logged.

To enable NAT session logging:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enable NAT logging.

nat log enable [ acl acl-number ]

By default, NAT logging is

disabled.

3. Enable NAT session

logging.

• For NAT session establishment

events:

nat log flow-begin

• For NAT session removal events:

nat log flow-end

• For active NAT flows:

nat log flow-active minutes

By default, NAT session logging is

disabled.

Configuring NAT444 user logging

NAT444 user logs are used for user tracing. The NAT444 gateway generates a user log whenever it

assigns or withdraws a port block. The log includes the private IP address, public IP address, and port

block. You can use the public IP address and port numbers to locate the user private IP address from the

user logs.

A NAT444 gateway generates NAT user logs when one of the following events occurs:

• A port block is assigned.

For static NAT444, the NAT444 gateway generates a user log when it translates the first

connection from a private IP address.

For dynamic NAT444, the NAT444 gateway generates a user log when it assigns or extends a

port block for a private IP address.

• A port block is withdrawn.

For static NAT444, the NAT444 gateway generates a user log when all connections from a

private IP address are disconnected.

For dynamic NAT444, the NAT444 gateway generates a user log when all the following

conditions are met:

{ All connections from a private IP address are disconnected.

{ The port blocks (including the extended ones) assigned to the private IP address are withdrawn.

{ The corresponding mapping entry is deleted.

Before configuring NAT444 user logging, you must configure the custom NAT444 log generation and

outputting functions. For more information, see Network Management and Monitoring Configuration

Guide.

To configure NAT444 user logging: