display nat statistics

Function

The display nat statistics command displays NAT statistics on a service board.

This command is supported only on the NetEngine 8000 F1A.

Format

display nat statistics { discard | global | received | table | transmitted | payload } [ slot slot-id ]

display nat statistics { discard | global } nat-instance instance-name [ slot slot-id ]

display nat statistics alg [ slot slot-id ] packet-number { dns | ftp | pptp | rtsp | sip | all | http }

display nat statistics received payload [ slot slot-id ]

Parameters

Parameter	Description	Value
packet-number	Displays ALG packet statistics.	-
ftp	Displays statistics about FTP packets on a service board.	-
pptp	Displays statistics about PPTP protocol packets on a service board.	-
rtsp	Displays statistics about RTSP protocol packets on a service board.	This parameter can be used only in NAT.
sip	Displays statistics about SIP protocol packets on a service board.	-
all	Displays statistics about FTP, DNS, PPTP, RTSP, and SIP protocol packets on a service board.	-
dns	Displays statistics about DNS packets on a service board.	-
http	Displays statistics about HTTP protocol packets on a service board. This parameter is supported only in NAT64.	-
discard	Displays statistics about dropped packets on a service board. Possible causes for NAT packet loss on a NAT board are as follows: The CPU received unidentified packets. The CPU cannot process all packets due to insufficient resources. Impacts of packet loss are as follows: select cpu error discard: harmless packet loss (no packets are dropped even if packet loss statistics exist). The following fields indicate that the packet is invalid or that the time when the packet was sent is incorrect, but services are not affected. decode ip header fail discard. session miss discard. tcp sequence invalid discard. fragments dropped discard. -tcp check state error discard. The following fields indicate that the packet loss is caused by a networking problem. In most cases, the time when the packet was sent is incorrect, but services are not affected. fib4 is blackhole discard. fib type error discard. If the following fields are displayed, check whether the CPU resources are sufficient on the NAT board and whether the statistics change. setup session fail discard. nat source port conflict discard. pre alloc port fail discard. user2internet user table invalid discard. user2internet user table not found discard. The process of a specific function in a particular scenario becomes incorrect. In this case, check statistics.	-
global	Displays global statistics on a service board.	-
received	Displays statistics about received packets on a service board.	-
table	Displays statistics about flow tables on a service board.	-
transmitted	Displays statistics about sent packets on a service board.	-
slot slot-id	Specifies the slot ID of a service board.	The value is a string of 1 to 15 case-sensitive characters. It cannot contain spaces.
nat-instance instance-name	Displays statistics about a specified NAT instance.	The value is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.
payload	Displays statistics about forwarding payload on a service board.	-
alg	Displays statistics about ALG packets on a service board.	-

Views

All views

Default Level

1: Monitoring level

Task Name and Operations

Task Name	Operations
nat	read

Usage Guidelines

Usage Scenario

display nat statistics information about sent, error, and dropped packets on a service board.

Example

The actual command output varies according to the device. The command output here is only an example.

# Display global statistics on a service board in slot 1.

<HUAWEI> display nat statistics alg slot 1 packet-number ftp
This operation will take a few minutes. Press 'Ctrl+C' to break ...
Slot: 1 
---------------------------------------------------------------------------                                                         
Protocol Receive               Send                  Drop                                                                           
---------------------------------------------------------------------------                                                         
FTP      900                   1000                  100                                                                              
---------------------------------------------------------------------------

# Display statistics about forwarding payload on a service board in slot 1.

<HUAWEI> display nat statistics payload slot 1
This operation will take a few minutes. Press 'Ctrl+C' to break ...
Slot: 1
---------------------------------------------------------------------------
  Current receive packet speed(pps)              :0
  Current receive packet bit speed(bps)          :0
  Current receive packet average length(bytes)   :0
  Current transmit packet speed(pps)             :0
  Current transmit packet bit speed(bps)         :0
  Current transmit packet average length(bytes)  :0
  Historical maximum receive packet speed(pps):                        1646443                                                         
  Historical maximum receive packet speed time:            2015-06-11 10:14:41                                                         
  Historical maximum receive packet bit speed(bps):                 1712301176                                                         
  Historical maximum receive packet bit speed time:        2015-06-11 10:14:41                                                         
  Historical maximum transmit packet speed(pps):                        823228                                                         
  Historical maximum transmit packet speed time:           2015-06-11 10:14:38                                                         
  Historical maximum transmit packet bit speed(bps):                 737607104                                                         
  Historical maximum transmit packet bit speed time:       2015-06-11 10:36:01  
---------------------------------------------------------------------------

# Display statistics about NAT packets dropped by the CPU numbered 0 on a service board in slot 1.

<HUAWEI> display nat statistics discard slot 1
This operation will take a few minutes. Press 'Ctrl+C' to break ...
Slot: 1
--------------------------------------------------------------------------------                                                         
  The session failed to be created:                                            1                                                                                 
--------------------------------------------------------------------------------

**Table 1** Description of the **display nat statistics** command output
Item	Description
Transmit packet average length(bytes)	Average length of sent packets, in bytes.
Receive	Total number of received packets.
Total number of received packets	Total number of received packets.
Current receive packet average length(bytes)	Average length (in bytes) of currently received packets.
Current receive packet bit speed(bps)	Current bit receiving rate, in bit/s.
Current receive packet speed(pps)	Current packet receiving rate, in pps.
Current session speed(num/s)	Rate at which sessions are created per seconds.
Current transmit packet average length(bytes)	Average length (in bytes) of sent NATed packets.
Current transmit packet bit speed(bps)	Rate (in bit/s) at which bits of NATed packets are sent.
Current transmit packet speed(pps)	Rate (in pps) at which NATed packets are sent.
Historical maximum receive packet speed time	Date and time when packets were received at the maximum rate in the history.
Historical maximum transmit packet bit speed time	Date and time when bits of packets were sent at the maximum rate in the history.
Historical maximum transmit packet bit speed(bps)	Maximum bit sending rate (in bit/s) in the history.
Historical maximum transmit packet speed time	Date and time when packets were sent at the maximum rate in the history.
Historical maximum receive packet bit speed(bps)	Indicates the historical maximum packet receiving rate, in bit/s.
Historical maximum receive packet speed(pps)	Indicates the historical maximum packet receiving rate, in packets/second.
Historical maximum receive packet bit speed time	Indicates the time of the historical maximum receive packet bit rate.
Historical maximum transmit packet speed(pps)	Indicates the historical maximum packet sending rate, in packets/second.
Protocol	Protocol type, which can be FTP or DNS.
Send	Total number of sent packets.
Drop	Total number of discarded packets.
User log packets transmitted	Number of forwarded user log packets.
The CAR limit is exceeded when the Frag session is created	The rate at which fragment sessions are created reached the CAR limit.
The CAR limit is exceeded when the reverse session is created	The rate at which network-to-user sessions are created reached the CAR limit.
The CAR limit is exceeded when the session is created	The rate at which user-to-network sessions are created reached the CAR limit.
The destination servermap cannot be found from the network side to the user side	The server mapping entry from the network side to the user side cannot be found.
The first packet failed to be processed	Failed to process the first packets.
The frame type is unknown	Unknown frame type.
The IP header failed to be resolved	Failed to parse the IP header.
The outbound interface cannot be found	The packet was discarded because no outbound interface was found in its route.
The outbound policy was not configured in the NAT instance or the ACL rule did not contain the user address	The nat outbound command was not run in the NAT instance view, or the ACL did not contain the user address.
The packet failed to be sent to the VRP	The packet failed to be sent to the VRP module.
The route cannot be found	Route lookup failure.
The session failed to be created	Session creation failure.
The user CAR limit is exceeded when the session is created	Packets were discarded because the rate at which user sessions were created exceeded the configured value.
The user table from the user side to the network side is vacant	In port forwarding or ALG scenarios, the first packets were discarded because they did not match any server mapping entries.
The VPN of the packets is different from which specified in the NAT instance by allow-access command	The VPN information in the packet conflicted with that in the NAT instance.
The user traffic can not match the outbound ACL or NAT server in the NAT instance	Failed to query the address pool.
Frag session insert fail	Failed to create sessions for fragment packets due to a hash conflict.
PCP request error	The content of the PCP request packet was incorrect.
PCP License invalid	Invalid PCP license.
Packets transmit fail	Failed to send packets.
Packets transmitted to interface	Number of packets sent by an interface board.
Packets transmitted to mainboard	Number of packets sent by a main control board.
Avarage-usage	Average address/port/session usage.
Bufferring a fragment timed out	Caching fragment packets timed out.
Failed to construct the ICMPv4 flow key in NAT64 scenario	Error in parsing ICMPv4 packets. Cause: This version does not support ICMP packets.
Failed to construct the ICMPv6 flow key in NAT64 scenario	Error in parsing ICMPv6 packets. Cause: This version does not support ICMP packets.
Failed to forward packets that have been processed with NAT	Failed to forward NATed packets.
Failed to send packets to the ALG module	Failed to send packets to the ALG module.
Failed to send packets to the VRP module	Failed to send packets to the VRP module.
Fragments drop discard	Failed to reassemble IPv4 fragment packets.
Inconsistent protocol to construct the IPv4 flow in NAT64 scenario	Failed to parse the reverse ICMPv4 packets.
Inconsistent protocol to construct the IPv6 flow in NAT64 scenario	Failed to parse the reverse ICMPv6 packets.
Incorrect route type	Cannot identify the route type.
IPv4 buffering a fragment failed	Failed to create a fragment cache table for IPv4 fragment packets.
IPv4 checksum error	IPv4 checksum error.
IPv4 header destination IP error	The invalid packets with destination IP address 0.0.0.0 or Class E addresses were discarded.
IPv4 header length error	IPv4 header length error.
IPv4 header source IP error	Failed in the validity check of the source IP address. Causes: Class E address. Loopback address. Source IP address being a multicast address.
IPv4 packet length error	IPv4 packet size error.
IPv4 version error	IPv4 version number error.
IPv6 Cache fragment failed	Failed to create a fragment cache table for IPv6 fragment packets.
IPv6 header error	Unsupported IPv6 option.
IPv6 reassemable fail	Failed to reassemble IPv6 fragment packets.
IPv6 version error	IPv6 version error.
Limit on license	Reached the session specification limit specified in the license.
Limit on user-based ICMP reverse sessions	Reached the maximum number of network-to-user ICMP sessions that can be used by a single user.
Limit on user-based ICMP sessions	Reached the maximum number of user-to-network ICMP sessions that can be used by a single user.
Limit on user-based TCP reverse sessions	Reached the maximum number of network-to-user TCP connections that can be used by a single user.
Limit on user-based TCP sessions	Reached the maximum number of user-to-network TCP sessions that can be used by a single user.
Limit on user-based Total reverse sessions	Reached the maximum number of network-to-user sessions that can be used by a single user.
Limit on user-based Total sessions	Reached the maximum number of user-to-network sessions that can be used by a single user.
Limit on user-based UDP reverse sessions	Reached the maximum number of network-to-user UDP sessions that can be used by a single user.
Limit on user-based UDP sessions	Reached the maximum number of user-to-network UDP sessions that can be used by a single user.
NAT function license invalid	Invalid NAT license.
NAT License invalid	Invalid NAT444 license.
NAT64 failed to construct session key	Failed to construct a session key.
Nat64 License invalid	Invalid NAT64 license.
Nat64 nat not hitted	The NAT64 address pool failed to match the ACL.
New port obtaining failures	Failed to obtain a public network port.
No matched session found for TCP non-SYN packets	No matched session found for TCP non-SYN packets.
NoPAT IP address application failures	Failed to apply for a public IP address in No-PAT mode.
Public IP port block application failures for new user tables in PAT mode	Failed to apply for a public network port in PAT mode.
Pure IP discard	Discarding of native IP packets.
Reverse packet protocol error	Incorrect protocol type in network-to-user packets.
Searching for the FIB6 failed	FIB6 lookup failure.
No matched session found for ICMP non-echo request packets	Non-fragmented and non-echo ICMP request packets were discarded due to lack of matched sessions.
Traffic from Internet to user matches outbound servermap but user is offline discard	Network-to-user packets were discarded because they did not match any server mapping entries.
Traffic limit when a packet is sent from data plane to management plane	CAR rate limit for the traffic sent from the data plane to management plane.
Traffic was discarded because the number of users sharing the address reached the upper limit	Packets were discarded because the number of IP addresses of access users reached the upper limit.
Forward NAT packet discard due to TTL exceeding	User-to-network NAT packets were discarded due to TTL timeout.
Forward NAT frame encap error discard	Failed to obtain the outbound interface information: TBTP.
Limit on user sessions with specified IP	Reached the maximum number of sessions that can be used by a single user.
Limit on user-based ICMP ports	Reached the maximum number of ICMP ports that can be used by a single user.
Limit on user-based TCP ports	Reached the maximum number of TCP ports that can be used by a single user.
Limit on user-based Total ports	Reached the maximum number of ports that can be used by a single user.
Limit on user-based UDP ports	Reached the maximum number of UDP ports that can be used by a single user.
NAT failed to construct session key	No count exists.
Neg session PCP filter fail	Invalid PCP packets.
New PCP reply packet send fail	Failed to send PCP packets.
New PCP session failed to be created	Failed to create sessions for first PCP packets.
Static user not in inside pool	The static source tracing user did not match the mapping table.
Slot	Slot ID.
Card	Card ID.
Illegal pcpServerIp drop	The PCPServer is invalid.
Fast forward packet error	Forwarded packets are invalid and discarded.