Product Documentation

rnat

Sep 12, 2016

The following operations can be performed on "rnat":

clear rnat

Removes an RNAT rule from the NetScaler appliance.

Synopsys

clear rnat ((<network> [<netmask>]) | (<aclname> [-redirectPort])) [-natIP <ip_addr|*>@ ...] [-td <positive_integer>] [-ownerGroup <string>]

Arguments

network

The network address defined for the RNAT entry.

netmask

The subnet mask for the network address.

aclname

An extended ACL defined for the RNAT entry.

redirectPort

The port number to which the packets are redirected.

natIP

The NAT IP address defined for the RNAT entry.

td

Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.

Minimum value: 0

Maximum value: 4094

ownerGroup

The owner node group in a Cluster for this rnat rule.

Default value: DEFAULT_NG

set rnat

Modifies parameters of an RNAT rule.

Synopsys

set rnat ((<network> [<netmask>] [-natIP <ip_addr|*>@ ...]) | (<aclname> [-redirectPort <port>] [-natIP <ip_addr|*>@ ...])) [-td <positive_integer>] [-srcippersistency ( ENABLED | DISABLED )] [-useproxyport ( ENABLED | DISABLED )] [-ownerGroup <string>] [-connfailover ( ENABLED | DISABLED )]

Arguments

network

IPv4 network address on whose traffic you want the NetScaler appliance to do RNAT processing.

netmask

Subnet mask associated with the network address.

natIP

The NAT IP(s) assigned to the RNAT.

td

Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.

Minimum value: 0

Maximum value: 4094

aclname

Name of any configured extended ACL whose action is ALLOW. The condition specified in the extended ACL rule isused as the condition for the RNAT6 rule.

redirectPort

The port number to which the packets are redirected.

Minimum value: 1

Maximum value: 65535

srcippersistency

Enables the NetScaler appliance to use the same NAT IP address for all RNAT sessions initiated from a particular server.

Possible values: ENABLED, DISABLED

Default value: DISABLED

useproxyport

Enable source port proxying, which enables the NetScaler appliance to use the RNAT ips using proxied source port.

Possible values: ENABLED, DISABLED

Default value: ENABLED

ownerGroup

The owner node group in a Cluster for this rnat rule.

Default value: DEFAULT_NG

connfailover

Synchronize connection information with the secondary appliance in a high availability (HA) pair. That is, synchronize all connection-related information for the RNAT session. In order for this to work, tcpproxy should be DISABLED. To disable tcpproxy use "set rnatparam tcpproxy DISABLED"

Possible values: ENABLED, DISABLED

Default value: DISABLED

unset rnat

Use this command to modify the parameters of configured Reverse NAT on the system..Refer to the set rnat command for meanings of the arguments.

Synopsys

unset rnat ((<network> [<netmask>]) | (<aclname> [-redirectPort])) [-td <positive_integer>] [-natIP <ip_addr|*>@ ...] [-srcippersistency] [-ownerGroup <string>] [-useproxyport] [-connfailover]

stat rnat

Display statistics for rnat sessions.

Synopsys

stat rnat [-detail] [-fullValues] [-ntimes <positive_integer>] [-logFile <input_filename>] [-clearstats ( basic | full )]

Arguments

detail

Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.

fullValues

Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated

ntimes

The number of times, in intervals of seven seconds, the statistics should be displayed.

Default value: 1

Minimum value: 0

logFile

The name of the log file to be used as input.

clearstats

Clear the statsistics / counters

Possible values: basic, full

Outputs

Bytes Received (rnatRxBytes)

Bytes received during RNAT sessions.

Bytes Sent (rnatTxBytes)

Bytes sent during RNAT sessions.

Packets Received (rnatRxPkts)

Packets received during RNAT sessions.

Packets Sent (rnatTxPkts)

Packets sent during RNAT sessions.

Syn Sent (rnatTxSyn)

Requests for connections sent during RNAT sessions.

Current RNAT sessions (rnatSessions)

Currently active RNAT sessions.

Example

stat rnat

show rnat

Display the Reverse NAT configuration.

Synopsys

show rnat

Outputs

network

The network address.

netmask

Subnet mask associated with the network address.

td

Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.

natIP

Nat IP Address.

aclname

Name of any configured extended ACL whose action is ALLOW. The condition specified in the extended ACL rule isused as the condition for the RNAT6 rule.

redirectPort

The port number to which the packets are redirected.

srcippersistency

Enables the NetScaler appliance to use the same NAT IP address for all RNAT sessions initiated from a particular server.

useproxyport

Enable source port proxying, which enables the NetScaler appliance to use the RNAT ips using proxied source port.

cfgflags

This contains the flags for RNAT in DB

ownerGroup

The owner node group in a Cluster for this rnat rule.

connfailover

Synchronize connection information with the secondary appliance in a high availability (HA) pair. That is, synchronize all connection-related information for the RNAT session. In order for this to work, tcpproxy should be DISABLED. To disable tcpproxy use "set rnatparam tcpproxy DISABLED"

devno