
NE20E-S2 V800R010C10SPC500 Feature Description - NAT and IPv6 Transition 01


NAT Logging

Purpose

NAT logs record information about private network users' access to public networks and public network users' access to private networks. Without NAT logging, a NAT device cannot attribute an operation to a specific private network user, because multiple private network users share the same public IP address. NAT logging enables the NAT device to record and trace information about user access, which improves network security.

NE20E supports flow logs.

Flow Logs

Flow logs are generated when a NAT device establishes flow tables and when it ages them. Flow logs carry binary information and are sent to a log server. Each log message contains the source private IP address, source private port number, destination IP address, mapped source public IP address, mapped source public port number, and protocol number. Flow logging can be used to trace user information and to monitor private network users who access public networks.

Flow logs are sent in binary format over a configured UDP port. Two formats are supported: the Elog format and the NetStream format.

Elog Flow Log Format

Table 2-1 Description of log syntax fields

| Field | Description | Length in Bytes |
|---|---|---|
| version | Version number. The value is 0x01. | 1 |
| log_type | Log type. The value is fixed to 0x04. | 1 |
| count | Number of flow records in an existing packet. | 2 |
| unix_sec | Number of seconds since January 1, 1970, 00:00 (UTC). | 4 |
| flow_sequence | Sequence number of a packet (5-bit NAT instance type + 24-bit sequence number). | 4 |
| device_id | Device model. The value is fixed to 0x00. | 2 |
| slot | Slot ID of a service board on which a flow elog is generated. The value is fixed to 0x00. | 1 |
| instance_id | ID of a NAT instance. | 1 |
| prot | Type of the protocol running on the IP network. | 1 |
| operator | Operation string. | 1 |
| ip_ver | IP version number. | 1 |
| tos_ipv4 | IP ToS. | 1 |
| sip | Source IP address. | 4 |
| natsip | IP address after NAT is implemented. | 4 |
| dip | Destination IP address. | 4 |
| natdip | Destination IP address after NAT is implemented. | 4 |
| sport | Source port number. | 2 |
| natsport | Source port number after NAT is implemented. | 2 |
| dport | Destination port number. | 2 |
| natdport | Destination port number after NAT is implemented. | 2 |
| stime | Start time of a flow. | 4 |
| etime | End time of a flow. | 4 |
| inpkt | Number of user-to-network flow packets. | 4 |
| inbyte | Number of bytes of user-to-network flow packets. | 4 |
| outpkt | Number of network-to-user flow packets. | 4 |
| outbyte | Number of bytes of network-to-user flow packets. | 4 |
| svpn | Source VPN ID. | 2 |
| dvpn | Destination VPN ID. | 2 |
| pad1 | Reserved. | 4 |
| pad2 | Reserved. | 4 |

Figure 2-13 Example flow elog
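
A collector-side decoder for the elog layout in Table 2-1, with the lookup that NAT logging exists for: mapping a public IP address, port and time back to the private user. This is an added example, not Huawei code. It assumes that the first 16 bytes (version to instance_id) are a per-packet header followed by `count` 64-byte records, that fields are in network byte order, and that stime/etime are Unix seconds; the function names and the sample packet are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

# Assumed layout: 16-byte header (version .. instance_id), then `count`
# 64-byte records (prot .. pad2), all fields in network byte order.
HEADER = struct.Struct("!BBHIIHBB")
RECORD = struct.Struct("!BBBB4s4s4s4sHHHHIIIIIIHH8x")
FIELDS = ("prot operator ip_ver tos_ipv4 sip natsip dip natdip sport natsport "
          "dport natdport stime etime inpkt inbyte outpkt outbyte svpn dvpn").split()


def parse_elog(datagram: bytes) -> list[dict]:
    """Decode one flow elog UDP payload into a list of flow records."""
    if len(datagram) < HEADER.size:
        raise ValueError("truncated header")
    version, log_type, count, unix_sec, *_, instance_id = HEADER.unpack_from(datagram)
    if (version, log_type) != (0x01, 0x04):
        raise ValueError(f"not a flow elog: version={version} type={log_type}")
    if len(datagram) < HEADER.size + count * RECORD.size:
        raise ValueError("count exceeds payload length")
    records = []
    for i in range(count):
        rec = dict(zip(FIELDS, RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)))
        for key in ("sip", "natsip", "dip", "natdip"):
            rec[key] = IPv4Address(rec[key])
        rec["instance_id"], rec["unix_sec"] = instance_id, unix_sec
        records.append(rec)
    return records


def find_private_user(records, public_ip, public_port, prot, when):
    """Return (sip, sport) of the flow that held public_ip:public_port at `when`."""
    for r in records:
        if (r["natsip"] == IPv4Address(public_ip) and r["natsport"] == public_port
                and r["prot"] == prot and r["stime"] <= when <= r["etime"]):
            return str(r["sip"]), r["sport"]
    return None


def build_sample() -> bytes:
    """Constructed sample: two private hosts sharing 203.0.113.5 on different ports."""
    def rec(sip, sport, natsport, stime, etime):
        pub, dst = IPv4Address("203.0.113.5").packed, IPv4Address("198.51.100.7").packed
        return RECORD.pack(6, 0, 4, 0, IPv4Address(sip).packed, pub, dst, dst,
                           sport, natsport, 443, 443, stime, etime, 10, 1200, 8, 9000, 0, 0)
    return (HEADER.pack(1, 4, 2, 1546400000, 1, 0, 0, 1)
            + rec("10.0.0.11", 51000, 2048, 1546399000, 1546399600)
            + rec("10.0.0.12", 51000, 2049, 1546399100, 1546399700))
```

The lookup needs the port and the time as well as the public address: both sample hosts share 203.0.113.5 and are distinguished only by natsport and the flow's start and end times.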

NetStream Flow Log Format

Table 2-2 Description of log syntax fields

| Field | Description | Length in Bytes | Remarks |
|---|---|---|---|
| version | Version number. The value is fixed to 9. | 2 | It is carried in the header of a flow NetStream log packet. |
| count | Sum of the number of template FlowSet records and the number of data FlowSet records. | 2 | |
| sysUpTime | Time used since the service board is powered on, in milliseconds. | 4 | |
| UNIX Secs | Number of seconds since January 1, 1970, 00:00 (UTC). | 4 | |
| Sequence Number | Sequence number of a packet. | 4 | |
| Source ID | It is calculated based on the CPU ID, slot ID, scenario, and instance ID. | 4 | |
| FlowSet ID | The value of this field is 0. | 2 | It identifies a NetStream log template. |
| Length | Length of a NetStream log template. It is expressed in bytes. | 2 | |
| Template ID | ID of a NetStream log template: 259 in a session creation scenario; 260 in a session deletion scenario. | 2 | |
| Field Count | The value of this field is 13. | 2 | |
| timeStamp | Timestamp of a packet. | 2 | |
| Length | Length of the timestamp. | 2 | |
| vlanID | VPN ID. | 2 | |
| Length | Length of the VPN ID. | 2 | |
| Source IPv4 Address | Source IPv4 address. | 2 | |
| Length | Length of the source IPv4 address. | 2 | |
| Post NAT Source IPv4 Address | Source IPv4 address after NAT is implemented. | 2 | |
| Length | Length of the source IPv4 address after NAT is implemented. | 2 | |
| Protocol Identifier | Identifier of an IP protocol. | 2 | |
| Length | Length of the IP protocol. | 2 | |
| Source Transport Port | Source port number. | 2 | |
| Length | Length of the source port number. | 2 | |
| Post NAT source Transport Port | Source port number after NAT is implemented. | 2 | |
| Length | Length of the source port number after NAT is implemented. | 2 | |
| Destination IPv4 Address | Destination IPv4 address. | 2 | |
| Length | Length of the destination IPv4 address. | 2 | |
| Post NAT Destination IPv4 Address | Destination IPv4 address after NAT is implemented. | 2 | |
| Length | Length of the destination IPv4 address after NAT is implemented. | 2 | |
| Destination Transport Port | Destination port number. | 2 | |
| Length | Length of the destination port number. | 2 | |
| Post NAT destination Transport Port | Destination port number after NAT is implemented. | 2 | |
| Length | Length of the destination port number after NAT is implemented. | 2 | |
| Length | Length of the initiator of a session. | 2 | |
| natEvent | Type of a NAT event. | 2 | |
| Length | Length of the type of a NAT event. | 2 | |
| FlowSet ID | ID of a FlowSet record. | 2 | It is the body of a NetStream log packet. |
| Length | Length of the sum of data FlowSet records. | 2 | |
| timeStamp | Timestamp of a packet. | 8 | |
| vlanID | VPN ID. | 4 | |
| Source IPv4 Address | Source IPv4 address. | 4 | |
| Post NAT Source IPv4 Address | Source IPv4 address after NAT is implemented. | 4 | |
| Protocol Identifier | Identifier of an IP protocol. | 1 | |
| Source Transport Port | Source port number. | 2 | |
| Post NAT source Transport Port | Source port number after NAT is implemented. | 2 | |
| Destination IPv4 Address | Destination IPv4 address. | 4 | |
| Post NAT Destination IPv4 Address | Destination IPv4 address after NAT is implemented. | 4 | |
| Destination Transport Port | Destination port number. | 2 | |
| Post NAT destination Transport Port | Destination port number after NAT is implemented. | 2 | |
| Nat Originating Address Realm | Initiator of a session: 1 for an access from a private network to a public network; 2 for an access from a public network to a private network. | 1 | |
| Nat Event | Type of a NAT event. | 1 | |

Figure 2-14 Example flow NetStream log (parsed)
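
A decoder for the NetStream layout in Table 2-2 that walks the FlowSets in a packet, skips the template FlowSet and decodes the 39-byte data records. This is an added example, not Huawei code. It assumes network byte order and, as in standard NetFlow version 9, that a data FlowSet carries the template ID (259 or 260) as its FlowSet ID; the names and the sample packet are constructed, and the template's field specifiers are zeroed because the page does not list their type codes.

```python
import struct
from ipaddress import IPv4Address

# Assumptions: network byte order; a data FlowSet uses the template ID
# (259 = session creation, 260 = session deletion) as its FlowSet ID;
# data records follow the fixed 39-byte layout of Table 2-2.
HEADER = struct.Struct("!HHIIII")
DATA = struct.Struct("!QI4s4sBHH4s4sHHBB")
NAMES = ("timestamp vpn_id sip natsip prot sport natsport dip natdip "
         "dport natdport realm nat_event").split()
TEMPLATES = {259: "session-create", 260: "session-delete"}
REALM = {1: "private-to-public", 2: "public-to-private"}


def parse_netstream(datagram: bytes) -> list[dict]:
    """Decode the data FlowSets of one NetStream (version 9) NAT log packet."""
    if len(datagram) < HEADER.size:
        raise ValueError("truncated header")
    version, _count, _uptime, _secs, _seq, _source_id = HEADER.unpack_from(datagram)
    if version != 9:
        raise ValueError(f"unexpected version {version}")
    out, pos = [], HEADER.size
    while pos + 4 <= len(datagram):
        flowset_id, length = struct.unpack_from("!HH", datagram, pos)
        if length < 4 or pos + length > len(datagram):
            raise ValueError("bad FlowSet length")
        if flowset_id in TEMPLATES:
            body = datagram[pos + 4:pos + length]
            # Trailing bytes shorter than one record are FlowSet padding.
            for off in range(0, len(body) - DATA.size + 1, DATA.size):
                rec = dict(zip(NAMES, DATA.unpack_from(body, off)))
                for key in ("sip", "natsip", "dip", "natdip"):
                    rec[key] = str(IPv4Address(rec[key]))
                rec["session"] = TEMPLATES[flowset_id]
                rec["direction"] = REALM.get(rec["realm"], "unknown")
                out.append(rec)
        pos += length  # template FlowSets (ID 0) and unknown IDs are skipped
    return out


def build_sample() -> bytes:
    """Constructed packet: one template FlowSet and one session-creation record."""
    ip = lambda s: IPv4Address(s).packed
    rec = DATA.pack(1546400000000, 0, ip("10.0.0.11"), ip("203.0.113.5"), 6, 51000, 2048,
                    ip("198.51.100.7"), ip("198.51.100.7"), 443, 443, 1, 1)
    data = struct.pack("!HH", 259, 44) + rec + b"\x00"             # 4 + 39 + 1 pad byte
    template = struct.pack("!HHHH", 0, 60, 259, 13) + bytes(52)    # 13 zeroed specifiers
    return HEADER.pack(9, 2, 1000, 1546400000, 1, 0) + template + data
```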
Updated: 2019-01-02

Document ID: EDOC1100055472
