Hi Carlo,

The indication 11,  28, 29 refers to the packet reference value. Say your 1st ping will get you 1... then further ping results will give you 2,3,4,5.... so on... So you are refering the 11th packet transmitted when u gave sh ip nat trans... But your debug shows current packet transmitted... So if you chk sh ip nat trans after initiating the requests parallely it will show the correct one. Do clear ip nat trans * and then try this... it shoudl show the correct values....

Router#

NAT: s=192.168.1.10->10.0.0.1, d=10.0.0.1 [13]

NAT: s=192.168.1.10->10.0.0.1, d=10.0.0.1 [14]sh ip nat

Router#sh ip nat tr

Router#sh ip nat translations

NAT: s=192.168.1.10->10.0.0.1, d=10.0.0.1 [15]

Pro  Inside global     Inside local       Outside local      Outside global

icmp 10.0.0.1:13       192.168.1.10:13    10.0.0.1:13        10.0.0.1:13

icmp 10.0.0.1:14       192.168.1.10:14    10.0.0.1:14        10.0.0.1:14

icmp 10.0.0.1:15       192.168.1.10:15    10.0.0.1:15        10.0.0.1:15

---  10.0.0.1          192.168.1.10       ---                ---

---  10.0.0.2          192.168.1.20       ---                ---

Router#

NAT: s=192.168.1.10->10.0.0.1, d=10.0.0.1 [16]

Please do rate if the given information helps.

By

Karthik

Doing some test I've reached this conclusion....

It seems id shown at the end of nat entry (11 in my previous post) is the identifier of the icmp packets belonging to the same ping train (same icmp identifier for all ping's packets) whereas value shown in the nat debug lines is the identifier carried by IP packet header for each ping's packet (incremented 1 by 1)

Here, for example, ping's packets icmp identifier is 1 for each of the 5 packets (ping default)

R2#

*Mar  1 00:05:13.019: NAT: i: icmp (192.168.0.1, 1) -> (192.168.0.3, 1) [5]

*Mar  1 00:05:13.023: NAT: s=192.168.0.1->10.10.2.10, d=192.168.0.3 [5]

*Mar  1 00:05:13.135: NAT*: o: icmp (192.168.0.3, 1) -> (10.10.2.10, 1) [5]

*Mar  1 00:05:13.135: NAT*: s=192.168.0.3, d=10.10.2.10->192.168.0.1 [5]

*Mar  1 00:05:13.239: NAT: i: icmp (192.168.0.1, 1) -> (192.168.0.3, 1) [6]

*Mar  1 00:05:13.239: NAT: s=192.168.0.1->10.10.2.10, d=192.168.0.3 [6]

*Mar  1 00:05:13.243: NAT*: o: icmp (192.168.0.3, 1) -> (10.10.2.10, 1) [6]

*Mar  1 00:05:13.247: NAT*: s=192.168.0.3, d=10.10.2.10->192.168.0.1 [6]

R2#

*Mar  1 00:05:13.267: NAT: i: icmp (192.168.0.1, 1) -> (192.168.0.3, 1) [7]

*Mar  1 00:05:13.267: NAT: s=192.168.0.1->10.10.2.10, d=192.168.0.3 [7]

*Mar  1 00:05:13.279: NAT*: o: icmp (192.168.0.3, 1) -> (10.10.2.10, 1) [7]

*Mar  1 00:05:13.279: NAT*: s=192.168.0.3, d=10.10.2.10->192.168.0.1 [7]

*Mar  1 00:05:13.335: NAT: i: icmp (192.168.0.1, 1) -> (192.168.0.3, 1) [8]

*Mar  1 00:05:13.335: NAT: s=192.168.0.1->10.10.2.10, d=192.168.0.3 [8]

*Mar  1 00:05:13.391: NAT*: o: icmp (192.168.0.3, 1) -> (10.10.2.10, 1) [8]

*Mar  1 00:05:13.391: NAT*: s=192.168.0.3, d=10.10.2.10->192.168.0.1 [8]

R2#

*Mar  1 00:05:13.415: NAT: i: icmp (192.168.0.1, 1) -> (192.168.0.3, 1) [9]

*Mar  1 00:05:13.419: NAT: s=192.168.0.1->10.10.2.10, d=192.168.0.3 [9]

*Mar  1 00:05:13.427: NAT*: o: icmp (192.168.0.3, 1) -> (10.10.2.10, 1) [9]

*Mar  1 00:05:13.427: NAT*: s=192.168.0.3, d=10.10.2.10->192.168.0.1 [9]

Do you agree with me ? Thanks.