inat¶
The following operations can be performed on "inat":
add | rm | set | unset | stat | show
add inat¶
Adds an INAT rule to the NetScaler appliance. When a packet generated by a client matches the conditions specified in the INAT rule, the appliance translates the packet's public destination IP address to a private destination IP address and forwards the packet to the server at that address.
Synopsys¶
add inat <name>@ <publicIP>@ <privateIP>@ [-tcpproxy ( ENABLED | DISABLED )] [-ftp ( ENABLED | DISABLED )] [-tftp ( ENABLED | DISABLED )] [-usip ( ON | OFF )] [-usnip ( ON | OFF )] [-proxyIP <ip_addr|ipv6_addr>] [-useproxyport ( ENABLED | DISABLED )] [-mode STATELESS] [-td <positive_integer>]
Arguments¶
name
Name for the Inbound NAT (INAT) entry. Leading character must be a number or letter. Other characters allowed, after the first character, are @ _ - . (period) : (colon) # and space ( ).
publicIP
Public IP address of packets received on the NetScaler appliance. Can be aNetScaler-owned VIP or VIP6 address.
privateIP
IP address of the server to which the packet is sent by the NetScaler. Can be an IPv4 or IPv6 address.
tcpproxy
Enable TCP proxy, which enables the NetScaler appliance to optimize the RNAT TCP traffic by using Layer 4 features.
Possible values: ENABLED, DISABLED
Default value: DISABLED
ftp
Enable the FTP protocol on the server for transferring files between the client and the server.
Possible values: ENABLED, DISABLED
Default value: DISABLED
tftp
To enable/disable TFTP (Default DISABLED).
Possible values: ENABLED, DISABLED
Default value: DISABLED
usip
Enable the NetScaler appliance to retain the source IP address of packets before sending the packets to the server.
Possible values: ON, OFF
Default value: OFF
usnip
Enable the NetScaler appliance to use a SNIP address as the source IP address of packets before sending the packets to the server.
Possible values: ON, OFF
Default value: ON
proxyIP
Unique IP address used as the source IP address in packets sent to the server. Must be a MIP or SNIP address.
useproxyport
Enable the NetScaler appliance to proxy the source port of packets before sending the packets to the server.
Possible values: ENABLED, DISABLED
Default value: ENABLED
mode
Stateless translation.
Possible values: STATELESS
td
Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.
Minimum value: 0
Maximum value: 4094
Example¶
add nat mynat 1.2.3.4 192.168.1.100
rm inat¶
Remove the specified Inbound NAT configuration.
Synopsys¶
rm inat <name>@
Arguments¶
name
Name of the Inbound NAT entry to be removed from the NetScaler appliance.
Example¶
rm nat mynat.
set inat¶
Modifies parameters of an INAT rule.
Synopsys¶
set inat <name>@ [-privateIP <ip_addr|ipv6_addr>@] [-tcpproxy ( ENABLED | DISABLED )] [-ftp ( ENABLED | DISABLED )] [-tftp ( ENABLED | DISABLED )] [-usip ( ON | OFF )] [-usnip ( ON | OFF )] [-proxyIP <ip_addr|ipv6_addr>] [-useproxyport ( ENABLED | DISABLED )] [-mode STATELESS]
Arguments¶
name
The name of the Inbound NAT (INAT) entry that you want to modify.
privateIP
IP address of the server to which the packet is sent by the NetScaler. Can be an IPv4 or IPv6 address.
tcpproxy
Enable TCP proxy, which enables the NetScaler appliance to optimize the RNAT TCP traffic by using Layer 4 features.
Possible values: ENABLED, DISABLED
Default value: DISABLED
ftp
Enable the FTP protocol on the server for transferring files between the client and the server.
Possible values: ENABLED, DISABLED
Default value: DISABLED
tftp
To enable/disable TFTP (Default DISABLED).
Possible values: ENABLED, DISABLED
Default value: DISABLED
usip
Enable the NetScaler appliance to retain the source IP address of packets before sending the packets to the server.
Possible values: ON, OFF
Default value: OFF
usnip
Enable the NetScaler appliance to use a SNIP address as the source IP address of packets before sending the packets to the server.
Possible values: ON, OFF
Default value: ON
proxyIP
A unique IP address used as the source IP address in packets sent to the server. Must be a MIP or SNIP address.
useproxyport
Enable the NetScaler appliance to proxy the source port of packets before sending the packets to the server.
Possible values: ENABLED, DISABLED
Default value: ENABLED
mode
Stateless translation.
Possible values: STATELESS
Example¶
set nat mynat -tcpproxy ENABLED
unset inat¶
Use this command to remove inat settings.Refer to the set inat command for meanings of the arguments.
Synopsys¶
unset inat <name>@ [-tcpproxy] [-ftp] [-tftp] [-usip] [-usnip] [-proxyIP] [-useproxyport] [-mode]
stat inat¶
Display statistics for inat sessions.
Synopsys¶
stat inat [<name>] [-detail] [-fullValues] [-ntimes <positive_integer>] [-logFile <input_filename>] [-clearstats ( basic | full )]
Arguments¶
name
The INAT.
detail
Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.
fullValues
Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated
ntimes
The number of times, in intervals of seven seconds, the statistics should be displayed.
Default value: 1
Minimum value: 0
logFile
The name of the log file to be used as input.
clearstats
Clear the statsistics / counters
Possible values: basic, full
Outputs¶
count
devno
stateflag
Outputs¶
TCP Packets translated (V4->V6) (nat46TotTcp46)
Total TCP packets translated (V4->v6).
UDP Packets translated (V4->V6) (nat46TotUdp46)
Total UDP packets translated (V4->v6).
ICMP Packets translated (V4->V6) (nat46TotIcmp46)
Total ICMP packets translated (V4->v6).
Total IPV4 packets dropped (nat46Totdrop46)
Total IPV4 packets dropped.
TCP Packets translated (V6->V4) (nat46TotTcp64)
Total TCP packets translated (V6->v4).
UDP Packets translated (V6->V4) (nat46TotUdp64)
Total UDP packets translated (V6->v4).
ICMP Packets translated (V6->V4) (nat46TotIcmp64)
Total ICMP packets translated (V6->v4).
Total IPV6 packets dropped (nat46Totdrop64)
Total IPV6 packets dropped.
TCP Packets translated (V4->V6) (inatNat46Tcp46)
TCP packets translated (V4->v6).
UDP Packets translated (V4->V6) (inatNat46Udp46)
UDP packets translated (V4->v6).
ICMP Packets translated (V4->V6) (inatNat46Icmp46)
ICMP packets translated (V4->v6).
IPV4 packets dropped (inatNat46drop46)
IPV4 packets dropped.
TCP Packets translated (V6->V4) (inatNat46Tcp64)
TCP packets translated (V6->v4).
UDP Packets translated (V6->V4) (inatNat46Udp64)
UDP packets translated (V6->v4).
ICMP Packets translated (V6->V4) (inatNat46Icmp64)
ICMP packets translated (V6->v4).
IPV6 packets dropped (inatNat46drop64)
IPV6 packets dropped.
Example¶
stat inat
show inat¶
show all configured inbound NAT.
Synopsys¶
show inat [<name>]
Arguments¶
name
Name for the Inbound NAT (INAT) entry. Leading character must be a number or letter. Other characters allowed, after the first character, are @ _ - . (period) : (colon) # and space ( ).
Outputs¶
publicIP
Public IP address of packets received on the NetScaler appliance. Can be aNetScaler-owned VIP or VIP6 address.
privateIP
IP address of the server to which the packet is sent by the NetScaler. Can be an IPv4 or IPv6 address.
proxyIP
Source IP address for connection to a server.
tcpproxy
Enable TCP proxy, which enables the NetScaler appliance to optimize the RNAT TCP traffic by using Layer 4 features.
ftp
Enable the FTP protocol on the server for transferring files between the client and the server.
tftp
To enable/disable TFTP (Default DISABLED).
usip
Enable the NetScaler appliance to retain the source IP address of packets before sending the packets to the server.
usnip
Enable the NetScaler appliance to use a SNIP address as the source IP address of packets before sending the packets to the server.
useproxyport
Enable the NetScaler appliance to proxy the source port of packets before sending the packets to the server.
flags
Flags for different modes
mode
Stateless translation.
td
Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.
devno
count
stateflag
Example¶
show nat