Applies To:

Show Versions Show Versions

Manual Chapter: Using the Deterministic NAT log tool
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

About the DNAT utility

The deterministic NAT (DNAT) utility allows calculation of forward and reverse source address and port mapping of deterministic-mode LSN pools, by using the states stored in the analyzed TMM log file.

Using the DNAT utility to lookup deterministic NAT mappings

A knowledge of navigating in tmsh is suggested before using the DNAT utility. For detailed information about navigating in tmsh, see the Traffic Management Shell (tmsh) Reference Guide.
Deterministic NATs can reduce total log file size but require use of the DNAT utility (available in tmsh) to decipher the mapping. With the DNAT utility, you can calculate forward and reverse source address and port mapping of an LSN pool using deterministic mode based on the state stored in the specified TMM log file.
  1. Use an SSH tool to access the BIG-IP system from the command line.
  2. At the command line, type: tmsh. This starts tmsh in interactive shell mode and displays the prompt: (tmos)#.
  3. To show a list of translation address/port pairs used for a subscriber at 10.0.0.1:4321 connecting to 65.61.115.222:80, using the deterministic NAT states contained in /var/log/ltm, type the command: run util dnat --file /var/log/ltm --client_addr 10.0.0.1 --client_port 4321 --server_addr 65.61.115.222 --action forward Replace these example addresses with your actual client and server. This displays a list of the address/port pairs.
  4. To calculate a reverse mapping back to the subscriber address for the connection between 173.240.102.139:5678 and 65.61.115.222:80, using the DNAT states contained in /var/log/ltm.1, type the command: run util dnat --file /var/log/ltm.1 --server_addr 65.61.115.222 --client_addr 173.240.102.139 --client_port 5678 --action reverse This displays the reverse mapping.
  5. For more information about the DNAT utility, type the command: help util dnat at the tmsh prompt. The help file for the DNAT utility is displayed.
You now have the basic details for deciphering deterministic log files using the DNAT utility in tmsh.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)