04-12-2011 10:39 AM
Hello,
I'm trying to monitor nat stats using snmp in the newer IOS versions. I had it working pre 12.4(22)T, but now it seems as if the oid has changed.
2811#show ip nat statistics
Total active translations: 29 (0 static, 29 dynamic; 29 extended)
Peak translations: 43, occurred 1d13h ago
Outside interfaces:
FastEthernet0/1
Inside interfaces:
Loopback0, Virtual-Template1
Hits: 82385 Misses: 0
CEF Translated packets: 66829, CEF Punted packets: 3876
Expired translations: 5233
Dynamic mappings:
-- Inside Source
[Id: 1] access-list nat pool inet refcount 30
pool inet: netmask 255.255.255.192
start 111.111.111.110 end 111.111.111.111
type generic, total addresses 1, allocated 1 (100%), misses 0
Total doors: 1
Appl doors: 1
Normal doors: 0
Queued Packets: 0
The number i'm looking for is the Total active translations. If you try it on a router that has 12.4(20)T it will work, seems as if anything newer does not.
Dan.
04-13-2011 01:48 AM
Hi Dan,
There is currently no MIB that has the "show ip nat statistics" output. An enhancement
request was opened against this, but so far there are no plans to add this to the MIBs.
Here is the enhancement request ID and release notes:
CSCdr25202 no mib variable for ip nat statistics for total active translations
"snmp mib variable for the command: show ip nat statistics for the total active
translations is not present at the moment.
This is an enhancement request. The work-around is to issue the command on the device itself (via CLI)."
Thanks,
Gaganjeet
11-24-2011 03:02 AM
Hi Gagenjeet,
I also need this feature for IOS 15.0(1)M3. I have an 2901/K9 Router. When will it be available?
Thanks and regardes
Torsten
06-27-2018 12:55 AM
Dear community,
does anyone know if there are any updates regarding bug CSCdr25202? I still have this issue with Cisco ASR1001-HX 16.06.03 which we have here for evaluation. There still seems to be no sufficient OID implemented to get the current number of active NAT translations.
Thanks in advance.
BR, Niels
11-29-2012 12:41 PM
okay. is this really still true? really? i'll go dump some MIB's to see. but it sure would be helpful to have this. otherwise we end up troubleshooting things all too much...
thanks for any update/info.. this is a year later than the last post.
2921 on 15.1(4)M3.
thanks!
09-12-2013 03:12 AM
Please please Mr. Cisco
Implement this feature.
10-09-2013 01:51 PM
It looks like the info is defined in CISCO-NAT-EXT-MIB, but there doesn't seem to be any software which supports it:
For shame.
++I;
06-07-2017 11:00 AM
I wanted to kick the tires on this old thread because somewhere in my travels, I needed to extract some similar information. I ended up writing and using a TCL script to pull some general information, and figured it would be good for the folks looking here.
Here's natstat.tcl, which I put in the main directory on the router (flash: at the time)
::cisco::eem::event_register_timer cron name timer_natstat cron_entry "* * * * *" namespace import ::cisco::eem::* namespace import ::cisco::lib::* ## Extract Statistics # set natStat [ exec "show ip nat statistics" ] if [catch {cli_open} result] { puts stderr $result exit 1 } else { array set cli1 $result } if [catch {cli_exec $cli1(fd) "show ip nat statistics"} result] { error $result $errorInfo } else { set natStat $result } if [catch {cli_close $cli1(fd) $cli1(tty_id)} result] { puts stderr $result exit 1 } ## Process Output set natMsg "" # Pull out number of active translations, if we have it. if [ regexp -all {active translations} $natStat ] { set natActive [ regexp -inline {active translations: ([0-9]+)} $natStat ] set natActive [ regexp -inline {[0-9]+} $natActive ] append natMsg "Active: $natActive " } # Pull out number of peak translations, if we have it. if [ regexp -all {Peak translations} $natStat ] { set natPeak [ regexp -inline {Peak translations: ([0-9]+)} $natStat ] set natPeak [ regexp -inline {[0-9]+} $natPeak ] append natMsg "Peak: $natPeak " } # Pull out the number of expired translations, if we have it. if [ regexp -all {Expired translations} $natStat ] { set natExpired [ regexp -inline {Expired translations: ([0-9]+)} $natStat ] set natExpired [ regexp -inline {[0-9]+} $natExpired ] # Load context variable natCvar. Set to 0 if this hasn't been set. if { [catch {context_retrieve CONTEXT_NATEXP natCvar} result] } { set natLastExpired 0 } else { set natLastExpired $result } # Return the number of translations expired in the last interval. # Append an asterisk for an incomplete interval. if [ expr $natLastExpired <= $natExpired ] { append natMsg "Interval Expired: " [expr $natExpired - $natLastExpired ] } else { append natMsg "Interval Expired: $natExpired*" } # Save context variable natCvar. We'll use this to calculate the difference next time the script is run. set natCvar $natExpired catch {context_save CONTEXT_NATEXP natCvar} } ## Send to syslog! action_syslog priority info msg $natMsg
And enable it as such:
configure terminal ! event manager directory user policy "flash:/" event manager directory user library "flash:/" event manager policy natstat.tcl ! end
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide