Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

show nat destination

Displays configured destination NAT (DNAT) rules, statistics, or translations.

show nat destination [ rules | statistics | translations ]
rules
Destination NAT rules.
statistics
Destination NAT statistics such as address and port information.
translations
Destination NAT translations.

Operational mode

Use this command to display the NAT rules you have configured. You can use this command for troubleshooting, to confirm whether traffic is matching the NAT rules as expected.

The following example shows how to display configured destination NAT rules.

vyatta@vyatta:~$ show nat destination rules
-----------------------------
NAT Rulesets Information
-----------------------------
----------------------------------------------------------------------------
DESTINATION
rule   intf        match                                   translation
----   ----        -----                                   -----------
120    dp0s5    proto tcp to 172.16.139.100 port 80 ipv4 tag 0 dynamic 10.0.0.102
port 1-65535 <-any

The following example shows how to display current statistics for destination NAT.

vyatta@vyatta:~$ show nat destination statistics
rule    pkts            bytes                   interface       used/total
----    ----            -----                   ---------       ----------
120     14              1036                    dp0s5           2/65535
Note:

The used/total column refers to the translation space as defined by the NAT rule. The value is equivalent to the number of addresses multiplied by the number of ports. DNAT can exceed the translation space while SNAT cannot. In SNAT, if the translation space is exhausted, the remaining packets are dropped.

The following example shows how to display destination NAT translation information.

vyatta@vyatta:~$ show nat destination translations
Pre-NAT                  Post-NAT                Prot       Timeout

172.16.139.100:80        10.0.0.102:80           tcp        25