Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#ip nat translation ? dns-timeout Specify timeout for NAT DNS flows finrst-timeout Specify timeout for NAT TCP flows after a FIN or RST icmp-timeout Specify timeout for NAT ICMP flows max-entries Specify maximum number of NAT entries port-timeout Specify timeout for NAT TCP/UDP port specific flows pptp-timeout Specify timeout for NAT PPTP flows syn-timeout Specify timeout for NAT TCP flows after a SYN and no further data tcp-timeout Specify timeout for NAT TCP flows timeout Specify timeout for dynamic NAT translations udp-timeout Specify timeout for NAT UDP flows Router(config)#
Below lists the defaults value for the corresponding NAT timeouts:
| dns-timeout | 60 seconds (1 minute) |
| finrst-timeout | 60 seconds (1 minute) |
| icmp-timeout | 60 seconds (1 minute) |
| pptp-timeout | 86400 seconds (24 hours) |
| syn-timeout | 60 seconds (1 minute) |
| tcp-timeout | 86400 seconds (24 hours) |
| timeout | 86400 seconds (24 hours) |
| udp-timeout | 300 seconds (5 minutes) |
Below shows that the NAT timeout for an ICMP session is 1 minute:
Router#sh ip nat translations Pro Inside global Inside local Outside local Outside global --- 100.100.100.21 192.168.2.21 --- --- --- 100.100.100.22 192.168.2.22 --- --- Router# Router#sh ip nat translations Pro Inside global Inside local Outside local Outside global icmp 100.100.100.21:6 192.168.2.21:6 172.16.2.21:6 172.16.2.21:6 --- 100.100.100.21 192.168.2.21 --- --- --- 100.100.100.22 192.168.2.22 --- --- Router# 00:51:44: NAT*: s=192.168.2.21->100.100.100.21, d=172.16.2.21 [30] 00:51:44: NAT*: s=172.16.2.21, d=100.100.100.21->192.168.2.21 [30] 00:52:44: NAT: expiring 100.100.100.21 (192.168.2.21) icmp 6 (6) Router#
No comments:
Post a Comment