NE40E V800R010C00 Feature Description - NAT and IPv6 Transition 01

CGN Logging


Purpose

NAT logs record information about private network users' access to public networks and public network users' access to private networks. Without CGN Logging, a NAT device cannot trace an operation back to a specific private network user, because multiple private network users share the same public IP address. CGN Logging enables the NAT device to record and trace information about user access, which improves network security.

NAT logs include user logs and flow logs.

User Logs

User logs apply to centralized NAT devices working in port pre-allocation mode and semi-dynamic port allocation mode. User logs record mappings between private IP addresses and the set of public IP addresses and port ranges. A NAT device sends a user log message only when it receives the first data packet sent by a user or after all of the user's sessions age. User logs are recommended for the semi-dynamic port allocation mode. User logs are displayed in syslog and NetStream formats.

Flow Logs

Flow logs, used on centralized NAT devices, apply when a NAT device establishes and ages flow tables. Flow logs carrying binary information are sent to a log server. Each log message contains the source private IP address, source private port number, destination IP address, mapped source public IP address, mapped source public port number, and protocol number. Flow logs contain more information than user logs. Flow logging can be used to trace user information and monitor private network users that access public networks.

Flow logs support the binary format and are transmitted through a configured UDP port.

NOTE:

Only a single user log is recorded for a logged-in user. Each user, however, can connect to or disconnect from multiple network applications, and multiple flow logs are recorded. Therefore, flow logs outnumber user logs. If logs are used only for user source tracing, user logs are recommended.

Flow NetStream Log Format

Table 7-1  Description of log syntax fields

| Field | Description | Length in Bytes | Remarks |
|---|---|---|---|
| version | Version number. The value is fixed to 9. | 2 | It is carried in the header of a flow NetStream log packet. |
| count | Sum of the number of template FlowSet records and the number of data FlowSet records. | 2 | |
| sysUpTime | Time used since the service board is powered on, in milliseconds. | 4 | |
| UNIX Secs | Number of seconds since January 1, 1970, 00:00 (UTC). | 4 | |
| Sequence Number | Sequence number of a packet. | 4 | |
| Source ID | It is calculated based on the CPU ID, slot ID, scenario, and instance ID. | 4 | |
| FlowSet ID | The value of this field is 0. | 2 | It identifies a NetStream log template. |
| Length | Length of a NetStream log template. It is expressed in bytes. | 2 | |
| Template ID | ID of a NetStream log template: 259 in a session creation scenario; 260 in a session deletion scenario. | 2 | |
| Field Count | The value of this field is 13. | 2 | |
| timeStamp | Timestamp of a packet. | 2 | |
| Length | Length of the timestamp. | 2 | |
| vlanID | VPN ID. | 2 | |
| Length | Length of the VPN ID. | 2 | |
| Source IPv4 Address | Source IPv4 address. | 2 | |
| Length | Length of the source IPv4 address. | 2 | |
| Post NAT Source IPv4 Address | Source IPv4 address after NAT is implemented. | 2 | |
| Length | Length of the source IPv4 address after NAT is implemented. | 2 | |
| Protocol Identifier | Identifier of an IP protocol. | 2 | |
| Length | Length of the IP protocol. | 2 | |
| Source Transport Port | Source port number. | 2 | |
| Length | Length of the source port number. | 2 | |
| Post NAT source Transport Port | Source port number after NAT is implemented. | 2 | |
| Length | Length of the source port number after NAT is implemented. | 2 | |
| Destination IPv4 Address | Destination IPv4 address. | 2 | |
| Length | Length of the destination IPv4 address. | 2 | |
| Post NAT Destination IPv4 Address | Destination IPv4 address after NAT is implemented. | 2 | |
| Length | Length of the destination IPv4 address after NAT is implemented. | 2 | |
| Destination Transport Port | Destination port number. | 2 | |
| Length | Length of the destination port number. | 2 | |
| Post NAT destination Transport Port | Destination port number after NAT is implemented. | 2 | |
| Length | Length of the destination port number after NAT is implemented. | 2 | |
| Length | Length of the initiator of a session. | 2 | |
| natEvent | Type of a NAT event. | 2 | |
| Length | Length of the type of a NAT event. | 2 | |
| FlowSet ID | ID of a FlowSet record. | 2 | It is the body of a NetStream log packet. |
| Length | Length of the sum of data FlowSet records. | 2 | |
| timeStamp | Timestamp of a packet. | 8 | |
| vlanID | VPN ID. | 4 | |
| Source IPv4 Address | Source IPv4 address. | 4 | |
| Post NAT Source IPv4 Address | Source IPv4 address after NAT is implemented. | 4 | |
| Protocol Identifier | Identifier of an IP protocol. | 1 | |
| Source Transport Port | Source port number. | 2 | |
| Post NAT source Transport Port | Source port number after NAT is implemented. | 2 | |
| Destination IPv4 Address | Destination IPv4 address. | 4 | |
| Post NAT Destination IPv4 Address | Destination IPv4 address after NAT is implemented. | 4 | |
| Destination Transport Port | Destination port number. | 2 | |
| Post NAT destination Transport Port | Destination port number after NAT is implemented. | 2 | |
| Nat Originating Address Realm | Initiator of a session: 1 for an access from a private network to a public network; 2 for an access from a public network to a private network. | 1 | |
| Nat Event | Type of a NAT event. | 1 | |

Example flow NetStream log:

Figure 7-1  Example flow NetStream log (parsed)
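
A decoder for the packet layout in Table 7-1, with a source-tracing lookup from a public address and port back to the private user. This is an added example, not part of the original document and not Huawei code. It assumes, per RFC 3954 (NetFlow v9), that a FlowSet's Length includes its 4-byte header and that a data FlowSet carries its template's ID (259 or 260); the timestamp unit and natEvent values are not given in the table, so they are returned raw, and the sample packet is constructed.

```python
import struct
from ipaddress import IPv4Address

HEADER = struct.Struct(">HHIIII")         # version, count, sysUpTime, UNIX Secs, Sequence Number, Source ID
RECORD = struct.Struct(">QIIIBHHIIHHBB")  # data record fields in Table 7-1 order (39 bytes)
# Template ID values from Table 7-1; assumed (RFC 3954) to be the data FlowSet ID as well.
EVENTS = {259: "session-create", 260: "session-delete"}
REALMS = {1: "private-to-public", 2: "public-to-private"}

def parse_flow_log(packet: bytes) -> list:
    """Decode the data FlowSets of one flow NetStream log packet into dicts."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated header")
    version, _count, _uptime, unix_secs, _seq, _source_id = HEADER.unpack_from(packet)
    if version != 9:
        raise ValueError(f"unexpected version {version}")
    records, off = [], HEADER.size
    while off + 4 <= len(packet):
        fs_id, fs_len = struct.unpack_from(">HH", packet, off)
        # Assumption (RFC 3954): Length covers the 4-byte FlowSet header too.
        if fs_len < 4 or off + fs_len > len(packet):
            raise ValueError("bad FlowSet length")
        body = packet[off + 4 : off + fs_len]
        if fs_id in EVENTS:  # data FlowSet; ID 0 (template) is skipped, a short tail is padding
            for pos in range(0, len(body) - RECORD.size + 1, RECORD.size):
                (ts, vpn, src, nat_src, proto, sport, nat_sport,
                 dst, nat_dst, dport, nat_dport, realm, nat_event) = RECORD.unpack_from(body, pos)
                records.append({
                    "event": EVENTS[fs_id], "export_secs": unix_secs, "timestamp": ts,
                    "vpn": vpn, "proto": proto, "nat_event": nat_event,
                    "private": (str(IPv4Address(src)), sport),
                    "public": (str(IPv4Address(nat_src)), nat_sport),
                    "dest": (str(IPv4Address(dst)), dport), "nat_dest": (str(IPv4Address(nat_dst)), nat_dport),
                    "realm": REALMS.get(realm, realm),
                })
        off += fs_len
    return records

def trace_private_user(records, public_ip, public_port):
    """Source tracing: private endpoints that were mapped to this public IP and port."""
    return [r["private"] for r in records
            if r["event"] == "session-create" and r["public"] == (public_ip, public_port)]

def build_sample() -> bytes:
    """Constructed packet: one session-creation record; addresses, timestamp and natEvent are made up."""
    ip = lambda s: int(IPv4Address(s))
    rec = RECORD.pack(1530662400000, 0, ip("10.0.0.5"), ip("198.51.100.7"), 6, 51000, 2048,
                      ip("203.0.113.9"), ip("203.0.113.9"), 443, 443, 1, 1)
    flowset = struct.pack(">HH", 259, 4 + len(rec) + 1) + rec + b"\x00"  # 1 pad byte, Length 44
    return HEADER.pack(9, 1, 360000, 1530662400, 1, 0) + flowset
```

For an abuse report naming a public address and port, match on the export time as well, because the same public port is reused by other users once a session ages.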
Updated: 2018-07-04

Document ID: EDOC1100027155
