Setting the Aging Time for NAT Session Entries
The aging time of NAT session entries of each protocol can be set. After the configured aging time elapses, NAT session entries age, and system resources can be released.
Procedure
- Run system-view
The system view is displayed.
- (Optional) Run nat session long-link [ inbound | outbound ] tcp { source-ip ip-address ip-mask [ source-port port-number ] [ vpn-instance vpn-instance-name ] | destination-ip ip-address ip-mask [ destination-port port-number ] [ vpn-instance vpn-instance-name ] } *
The long connection policy for NAT TCP session tables is configured.
After this policy is configured, the aging time of the TCP connection of a specified session is changed to 200 hours by default. To re-set the aging time of the long TCP connection, run the nat session aging-time command.
- Run nat session aging-time { dns | fin-rst | fragment | ftp | http | icmp | pptp | rtsp | sip | syn | tcp [ long-link ] | udp }aging-time
The aging time is set for NAT session entries of each protocol.The changed aging time does not take effect for the generated NAT session entries.
- (Optional) Run nat instance instance-name [ id id ]
The NAT instance view is displayed.
- Run nat session aging-time { dns | fin-rst | fragment | ftp | icmp | pptp | rtsp | sip | syn | tcp | udp }aging-time
The aging time is set for NAT session entries of each protocol.
If an aging time is set in a NAT instance, the aging time takes effect on sessions established in the instance. If no aging time is set in a NAT instance, the global aging time takes effect on sessions established in the instance.
- Run commit
The configuration is committed.
