Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
833
Views
5
Helpful
4
Replies

Are port numbers following IP addresses in show ip nat translations in dynamic NAT configuration?

Mary Leon
Level 1
Level 1

‎05-14-2021 01:23 AM

Hello, everyone,

 

I have noticed there are numbers following the IP addresses in dynamic NAT configuration (see attached picture).

 

I know in a PAT configuration (overload) those numbers are port numbers. I'm wondering if they are port numbers in dynamic NAT  (I'm using a Packet Tracer project in a 2811 router.

 

Thank you in advance.

 

Labels:
Preview file
4 KB
0 Helpful
4 Replies 4

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎05-14-2021 02:34 PM

Hello @Mary Leon ,

your test traffic is based on ICMP only and ICMP has no port concept that are TCP and UDP specific.

 

for further reading

https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml#icmp-parameters-codes-9

 

 

Hope to help

Giuseppe

 

0 Helpful

Mary Leon
Level 1
Level 1
In response to Giuseppe Larosa

‎05-17-2021 03:00 AM

Hello, Giuseppe and thank you for your answer.

I'm sorry, of course you're right, ICMP does not manage port numbers.

But, then, what are those numbers following : ?

 

Thank you in advance.

0 Helpful

Mary Leon
Level 1
Level 1
In response to Mary Leon

‎05-19-2021 06:56 AM

Excuse me for insisting.

 

Were you suggesting those numbers following ":" are ICMP codes? Because I don't think so, in my scenario they were just echo request and echo reply and in other tests, numbers were different...

 

Thank you in advance.

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to Mary Leon

‎05-19-2021 09:45 AM - edited ‎05-19-2021 09:45 AM

Hello @Mary Leon ,

>> Were you suggesting those numbers following ":" are ICMP codes?

I actually was thinking this at the beginning, but the values as you have noted do not match with ICMP echo and ICMP echo reply codes that are 8 and 0 respectively.

At this point another possible interpretation of those values are the number of single translations per NAT entry.

 

I would suggest you to try to investigate in this sense. If you make three attempts to ping an OUTSIDE global address from an INSIDE local host you may get 3.

 

Here the ICMP entry expiration timer should be much lower then UDP or TCP so each attempt to ping should be seen as a separate NAT hit

 

Hope to help

Giuseppe

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card