show nat destination
Displays configured destination NAT (DNAT) rules, statistics, or translations.
- rules
- Destination NAT rules.
- statistics
- Destination NAT statistics such as address and port information.
- translations
- Destination NAT translations.
Operational mode
Use this command to display the NAT rules you have configured. You can use this command for troubleshooting, to confirm whether traffic is matching the NAT rules as expected.
The following example shows how to display configured destination NAT rules.
vyatta@vyatta:~$ show nat destination rules
-----------------------------
NAT Rulesets Information
-----------------------------
----------------------------------------------------------------------------
DESTINATION
rule intf match translation
---- ---- ----- -----------
120 dp0s5 proto tcp to 172.16.139.100 port 80 ipv4 tag 0 dynamic 10.0.0.102
port 1-65535 <-anyThe following example shows how to display current statistics for destination NAT.
vyatta@vyatta:~$ show nat destination statistics
rule pkts bytes interface used/total
---- ---- ----- --------- ----------
120 14 1036 dp0s5 2/65535The used/total column refers to the translation space as defined by the NAT rule. The value is equivalent to the number of addresses multiplied by the number of ports. DNAT can exceed the translation space while SNAT cannot. In SNAT, if the translation space is exhausted, the remaining packets are dropped.
The following example shows how to display destination NAT translation information.
vyatta@vyatta:~$ show nat destination translations
Pre-NAT Post-NAT Prot Timeout
172.16.139.100:80 10.0.0.102:80 tcp 25