Product Documentation

inat

Sep 12, 2016

The following operations can be performed on "inat":

add | rm | set | unset | stat | show

add inat

Adds an INAT rule to the NetScaler appliance. When a packet generated by a client matches the conditions specified in the INAT rule, the appliance translates the packet's public destination IP address to a private destination IP address and forwards the packet to the server at that address.

Synopsys

add inat <name>@ <publicIP>@ <privateIP>@ [-mode STATELESS | -tcpproxy ( ENABLED | DISABLED ) | -ftp ( ENABLED | DISABLED ) | -tftp ( ENABLED | DISABLED ) | -usip ( ON | OFF ) | -usnip ( ON | OFF ) | -proxyIP <ip_addr|ipv6_addr> | -useproxyport ( ENABLED | DISABLED )] [-td <positive_integer>]

Arguments

name

Name for the Inbound NAT (INAT) entry. Leading character must be a number or letter. Other characters allowed, after the first character, are @ _ - . (period) : (colon) # and space ( ).

publicIP

Public IP address of packets received on the NetScaler appliance. Can be aNetScaler-owned VIP or VIP6 address.

privateIP

IP address of the server to which the packet is sent by the NetScaler. Can be an IPv4 or IPv6 address.

mode

Stateless translation.

Possible values: STATELESS

tcpproxy

Enable TCP proxy, which enables the NetScaler appliance to optimize the RNAT TCP traffic by using Layer 4 features.

Possible values: ENABLED, DISABLED

Default value: DISABLED

ftp

Enable the FTP protocol on the server for transferring files between the client and the server.

Possible values: ENABLED, DISABLED

Default value: DISABLED

tftp

To enable/disable TFTP (Default DISABLED).

Possible values: ENABLED, DISABLED

Default value: DISABLED

usip

Enable the NetScaler appliance to retain the source IP address of packets before sending the packets to the server.

Possible values: ON, OFF

Default value: VAL_NOT_SET

usnip

Enable the NetScaler appliance to use a SNIP address as the source IP address of packets before sending the packets to the server.

Possible values: ON, OFF

Default value: VAL_NOT_SET

proxyIP

Unique IP address used as the source IP address in packets sent to the server. Must be a MIP or SNIP address.

useproxyport

Enable the NetScaler appliance to proxy the source port of packets before sending the packets to the server.

Possible values: ENABLED, DISABLED

Default value: ENABLED

td

Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.

Minimum value: 0

Maximum value: 4094

Example

add nat mynat 1.2.3.4 192.168.1.100

rm inat

Remove the specified Inbound NAT configuration.

Synopsys

rm inat <name>@

Arguments

name

Name of the Inbound NAT entry to be removed from the NetScaler appliance.

Example

rm nat mynat.

set inat

Modifies parameters of an INAT rule.

Synopsys

set inat <name>@ [-privateIP <ip_addr|ipv6_addr>@] [-tcpproxy ( ENABLED | DISABLED )] [-ftp ( ENABLED | DISABLED )] [-tftp ( ENABLED | DISABLED )] [-usip ( ON | OFF )] [-usnip ( ON | OFF )] [-proxyIP <ip_addr|ipv6_addr>] [-useproxyport ( ENABLED | DISABLED )] [-mode STATELESS]

Arguments

name

The name of the Inbound NAT (INAT) entry that you want to modify.

privateIP

IP address of the server to which the packet is sent by the NetScaler. Can be an IPv4 or IPv6 address.

tcpproxy

Enable TCP proxy, which enables the NetScaler appliance to optimize the RNAT TCP traffic by using Layer 4 features.

Possible values: ENABLED, DISABLED

Default value: DISABLED

ftp

Enable the FTP protocol on the server for transferring files between the client and the server.

Possible values: ENABLED, DISABLED

Default value: DISABLED

tftp

To enable/disable TFTP (Default DISABLED).

Possible values: ENABLED, DISABLED

Default value: DISABLED

usip

Enable the NetScaler appliance to retain the source IP address of packets before sending the packets to the server.

Possible values: ON, OFF

Default value: VAL_NOT_SET

usnip

Enable the NetScaler appliance to use a SNIP address as the source IP address of packets before sending the packets to the server.

Possible values: ON, OFF

Default value: VAL_NOT_SET

proxyIP

A unique IP address used as the source IP address in packets sent to the server. Must be a MIP or SNIP address.

useproxyport

Enable the NetScaler appliance to proxy the source port of packets before sending the packets to the server.

Possible values: ENABLED, DISABLED

Default value: ENABLED

mode

Stateless translation.

Possible values: STATELESS

Example

set nat mynat -tcpproxy ENABLED

unset inat

Use this command to remove inat settings.Refer to the set inat command for meanings of the arguments.

Synopsys

unset inat <name>@ [-tcpproxy] [-ftp] [-tftp] [-usip] [-usnip] [-proxyIP] [-useproxyport] [-mode]

stat inat

Display statistics for inat sessions.

Synopsys

stat inat [<name>] [-detail] [-fullValues] [-ntimes <positive_integer>] [-logFile <input_filename>] [-clearstats ( basic | full )]

Arguments

name

The INAT.

detail

Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.

fullValues

Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated

ntimes

The number of times, in intervals of seven seconds, the statistics should be displayed.

Default value: 1

Minimum value: 0

logFile

The name of the log file to be used as input.

clearstats

Clear the statsistics / counters

Possible values: basic, full

Outputs

count

devno

stateflag

Outputs

TCP Packets translated (V4->V6) (nat46TotTcp46)

Total TCP packets translated (V4->v6).

UDP Packets translated (V4->V6) (nat46TotUdp46)

Total UDP packets translated (V4->v6).

ICMP Packets translated (V4->V6) (nat46TotIcmp46)

Total ICMP packets translated (V4->v6).

Total IPV4 packets dropped (nat46Totdrop46)

Total IPV4 packets dropped.

TCP Packets translated (V6->V4) (nat46TotTcp64)

Total TCP packets translated (V6->v4).

UDP Packets translated (V6->V4) (nat46TotUdp64)

Total UDP packets translated (V6->v4).

ICMP Packets translated (V6->V4) (nat46TotIcmp64)

Total ICMP packets translated (V6->v4).

Total IPV6 packets dropped (nat46Totdrop64)

Total IPV6 packets dropped.

TCP Packets translated (V4->V6) (inatNat46Tcp46)

TCP packets translated (V4->v6).

UDP Packets translated (V4->V6) (inatNat46Udp46)

UDP packets translated (V4->v6).

ICMP Packets translated (V4->V6) (inatNat46Icmp46)

ICMP packets translated (V4->v6).

IPV4 packets dropped (inatNat46drop46)

IPV4 packets dropped.

TCP Packets translated (V6->V4) (inatNat46Tcp64)

TCP packets translated (V6->v4).

UDP Packets translated (V6->V4) (inatNat46Udp64)

UDP packets translated (V6->v4).

ICMP Packets translated (V6->V4) (inatNat46Icmp64)

ICMP packets translated (V6->v4).

IPV6 packets dropped (inatNat46drop64)

IPV6 packets dropped.

Example

stat inat

show inat

show all configured inbound NAT.

Synopsys

show inat [<name>]

Arguments

name

Name for the Inbound NAT (INAT) entry. Leading character must be a number or letter. Other characters allowed, after the first character, are @ _ - . (period) : (colon) # and space ( ).

Outputs

publicIP

Public IP address of packets received on the NetScaler appliance. Can be aNetScaler-owned VIP or VIP6 address.

privateIP

IP address of the server to which the packet is sent by the NetScaler. Can be an IPv4 or IPv6 address.

proxyIP

Source IP address for connection to a server.

tcpproxy

Enable TCP proxy, which enables the NetScaler appliance to optimize the RNAT TCP traffic by using Layer 4 features.

ftp

Enable the FTP protocol on the server for transferring files between the client and the server.

tftp

To enable/disable TFTP (Default DISABLED).

usip

Enable the NetScaler appliance to retain the source IP address of packets before sending the packets to the server.

usnip

Enable the NetScaler appliance to use a SNIP address as the source IP address of packets before sending the packets to the server.

useproxyport

Enable the NetScaler appliance to proxy the source port of packets before sending the packets to the server.

flags

Flags for different modes

mode

Stateless translation.

td

Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.

devno

count

stateflag

Example

show nat