Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

show nat source

Displays configured source NAT (SNAT) rules.

show nat source [ rules | statistics | translations ]
rules
Source NAT rules.
statistics
Source NAT statistics such as address and port information.
translations
Source NAT translations.

Operational mode

Use this command to display the NAT rules you have configured. You can use this command for troubleshooting, to confirm whether traffic is matching the NAT rules as expected.

The following example shows how to display source rules for NAT.

vyatta@vyatta:~$ show nat source rules
--------------------------------------
NAT Rulesets Information
------------------------
-----------------------------------------------------------------------
SOURCE
rule    intf        match       translation
----    ----        -----       -----------
20      dp0s5       proto 1 from 10.0.0.102 to 172.16.140.200 tag 0 dynamic any ->
172.16.139.100
30      dp0s5        from 10.0.0.0/24 ipv4 tag 0          dynamic any -> masquerade

The following example shows how to display current statistics for source NAT.

vyatta@vyatta:~$ show nat source statistics
rule   pkts   bytes  interface  used/total
----   ----   -----  ---------  ----------
1      111    20006  dp0s5      1/65535
2      0      0      dp0s5      0/11
Note:

The used/total column refers to the translation space as defined by the NAT rule. The value is equivalent to the number of addresses multiplied by the number of ports. DNAT can exceed the translation space while SNAT cannot. In SNAT, if the translation space is exhausted, the remaining packets are dropped.

The following example shows how to display source NAT translation information.

vyatta@vyatta:~$ show nat source translations
Pre-NAT               Post-NAT                Prot     Timeout

10.0.0.101:56803      172.16.139.100:56803    tcp      86375
10.0.0.102:48635      172.16.139.100:48635    tcp      0
10.0.0.102:56279      172.16.139.100:56279    tcp      0
10.0.0.102:56432      172.16.139.100:56432    tcp      4
10.0.0.102            172.16.139.100          icmp     59