nat session aging-time (System view)
Function
The nat session aging-time command sets the aging time for a specific or multiple types of NAT/NAT64 sessions.
The undo nat session aging-time command restores the default aging time for a specific or multiple types of NAT, NAT64 sessions.
The default aging time for a specific or multiple types of NAT sessions is default aging time.
This command is supported only on the NetEngine 8000 F1A.
Parameters
| Parameter | Description | Value |
|---|---|---|
| tcp |
Indicates TCP sessions. |
- |
| udp |
Indicates UDP sessions. |
- |
| icmp |
Indicates ICMP sessions. |
- |
| fin-rst |
Indicates TCP FIN, TCP RST sessions. |
- |
| syn |
Indicates SYN sessions. |
- |
| fragment |
Indicates fragment sessions. |
- |
| dns |
Indicates DNS sessions. |
- |
| ftp |
Indicates FTP sessions. |
- |
| http |
Indicates HTTP sessions. |
- |
| rtsp |
Indicates RTSP sessions. |
- |
| sip |
Indicates SIP sessions. |
- |
| pptp |
Indicates PPTP sessions. |
- |
| long-link |
Indicates sessions over long TCP connections. This parameter takes effect only on NAT session entries. |
- |
| ip |
Indicates IP sessions. |
- |
| aging-time |
Specifies an aging time. |
|
Usage Guidelines
Usage Scenario
To set the aging time for a specific or multiple types of NAT,NAT64 sessions, run the nat session aging-time command. The aging time of NAT, NAT64 session entries of different protocols can be set, so that expired NAT, NAT64 session entries age as soon as possible, and system resources can be released.
- The default aging time of TCP is 240s
- The default aging time of UDP is 240s
- The default aging time of ICMP is 20s
- The default aging time of RTSP is 240s
- The default aging time of fragment is 5000ms
- The default aging time of fin-rst is 5s
- The default aging time of syn is 5s
- The default aging time of FTP is 600s
- The default aging time of DNS is 20s
- The default aging time of HTTP is 240s
- The default aging time of SIP is 800s
- The default aging time of PPTP is 180s
- The default aging time of IP is 240s
Configuration Impact
After an aging time is set for a specified type of NAT, NAT64 session entry, the session entries age after the configured aging time elapses. The changed aging time does not take effect for the generated NAT, NAT64 session entries.
Precautions
In the current version, configurations may fail to be restored if the nat session aging-time command in the system view and the nat session aging-time command in the NAT instance view are both configured and if the existing configuration file and a source version software package are used to restore configurations.
For example, the configuration file in the current version is as follows: nat session aging-time udp 200 <h1 id="id"></h1>nat instance 1 id 1
service-instance-group 1 nat session aging-time udp 300 nat user-session create-rate 32 <h1 id="id-1"></h1>If the preceding configuration file and a source version software package are used to restore configurations, the configurations are updated as follows:
nat session aging-time udp 300 <h1 id="id-2"></h1>nat instance 1 id 1
service-instance-group 1 <h1 id="id-3"></h1>After configuration comparison, the aging time configured in the NAT instance overrides that configured in the system view, and the configurations performed after the aging time is set in the NAT instance are missing.