nat session aging-time (NAT instance view)

Function

The nat session aging-time command sets the aging time for a specific or multiple types of NAT sessions.

The undo nat session aging-time command restores the default aging time for a specific or multiple types of NAT sessions.

The default aging time for a specific or multiple types of NAT sessions is the default aging time.

This command is supported only on the NetEngine 8000 F1A.

Format

nat session aging-time { fin-rst | fragment | ftp | icmp | pptp | rtsp | sip | syn | tcp | udp | ip | dns | http } aging-time

undo nat session aging-time { fin-rst | fragment | ftp | icmp | pptp | rtsp | sip | syn | tcp | udp | ip | dns | http } [ aging-time ]

Parameters

Parameter Description Value
fin-rst

Indicates TCP FIN/RST sessions.

-
fragment

Indicates fragment sessions.

-
ftp

Indicates FTP sessions.

-
icmp

Indicates ICMP sessions.

-
pptp

Indicates PPTP sessions.

-
rtsp

Indicates RTSP sessions.

-
sip

Indicates SIP sessions.

-
syn

Indicates SYN sessions.

-
tcp

Indicates TCP sessions.

-
udp

Indicates UDP sessions.

-
ip

Indicates IP sessions.

-
dns

Indicates DNS sessions.

Indicates DNS sessions.
http

Indicates HTTP sessions.

Indicates HTTP sessions.
aging-time

Specifies an aging time.
  • For fragment sessions, the value is an integer ranging from 40 to 40000, in ms.
  • For the other sessions, the value is an integer ranging from 1 to 40000, in seconds.

Views

NAT instance view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
nat write

Usage Guidelines

Usage Scenario

To set the aging time for a specific or multiple types of NAT sessions, run the nat session aging-time command. The aging time of NAT session entries of different protocols can be set, so that expired NAT session entries age as soon as possible, and system resources can be released.

  • The default aging time of TCP is 240s
  • The default aging time of UDP is 240s
  • The default aging time of ICMP is 20s
  • The default aging time of RTSP is 240s
  • The default aging time of fragment is 5000ms
  • The default aging time of fin-rst is 5s
  • The default aging time of syn is 5s
  • The default aging time of FTP is 600s
  • The default aging time of DNS is 20s
  • The default aging time of SIP is 800s
  • The default aging time of PPTP is 180s
  • The default aging time of IP is 240s

Configuration Impact

After an aging time is set for a specified type of NAT session entry, the session entries age after the configured aging time elapses. The changed aging time does not take effect for the generated NAT session entries.

Precautions

If an aging time is set in a NAT instance, the aging time takes effect on sessions established in the instance. If no aging time is set in a NAT instance, the global aging time takes effect on sessions established in the instance.

Example

# Set the aging time for TCP NAT session entries to 420 seconds in the NAT instance nat1.
<HUAWEI> system-view
[~HUAWEI] nat instance nat1 id 1
[*HUAWEI-nat-instance-nat1] nat session aging-time tcp 420
Parent Topic: NAT Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >