Differences

This shows you the differences between two versions of the page.

--- en:dpi:opt_cgnat:cgnat_diagnostics [2024/10/16 13:14] – elena.krasnobryzh
+++ en:dpi:opt_cgnat:cgnat_diagnostics [2026/03/24 15:16] (current) – [Output of public addresses statistics] elena.krasnobryzh
@@ Line 1: / Line 1: @@
 ====== Description of NAT statistics ======
 {{indexmenu_n>4}}
-The output of statistics in fastdpi_stat.log is set by dbg_log_mask.
+NAT statistics can be logged to stat_log and via fdpi_ctrl.\\
+To view queue information, you can dump the NAT profile via fdpi_cli.
+===== Logging statistics to fastdpi_stat.log =====
+This is configured using the ''dbg_log_mask'' parameter in /etc/dpi/fastdpi.conf. \\
+A service reload is required for the changes to take effect: ''service fastdpi reload''\\
+**Example:** \\
+dbg_log_mask=0x2000000
 x40000   - output of NAT initialization details (profiles, public addresses, etc.) to the alert log \\
@@ Line 7: / Line 15: @@
 x2000000 - NAT statistics output.
-**Example:** \\
-dbg_log_mask=0x2000000
 ==== Common for all profiles ====
@@ Line 49: / Line 56: @@
 **Four groups группы:** \\
-group -- operations with public address ports
+group — operations with public address ports
 <code>
 /20/0/7/17:
@@ Line 60: / Line 67: @@
 </code>
-group -- general statistics
+group — general statistics
 <code>
 /0/0:
@@ Line 69: / Line 76: @@
 </code>
-group -- cache statistics //private --> public//
+group — cache statistics //private → public//
 <code>
 /20/0/50/0:
@@ Line 80: / Line 87: @@
 </code>
-group -- conversion statistics //public --> private// (//inet-->subs//)
+group — conversion statistics //public → private// (//inet→subs//)
 <code>
 /8/121:
-- successful translation public --> private
+- successful translation public → private
     - port is not in the allocated range of public ports
-  - translation public --> private was not found
+  - translation public → private was not found
 </code>
@@ Line 167: / Line 174: @@
 thr=0, ublock=1, uport=0
 thr=0 - worker thread number
-ublock=1 - public port blocks used
+ublock=1 - public ports blocks used
-uport=0 - public port used
+uport=0 - public ports used
 </code>
 <code>
@@ Line 188: / Line 195: @@
 ================================
-.168.4.20    crcip=0xd649d853        nttype=0        profile='cgnat' itrnsl=0 itrnsld=0       whiteip=94.140.198.86   sess_tcp=127    sess_udp=108   indmtd=4
+.168.4.20    crcip=0xd649d853        nttype=0        profile='cgnat' itrnsl=0 itrnsld=0       whiteip=94.140.198.86   sess_tcp=127     active_sess_tcp=0       sess_udp=108     active_sess_udp=1       indmtd=4
 </code>
@@ Line 201: / Line 208: @@
 whiteip=94.140.198.86 	- public address
 sess_tcp=127    	- number of TCP sessions
+active_sess_tcp=0	- Number of active NAT translations for TCP
 sess_udp=108   		- number of UDP sessions
+active_sess_udp=1	- Number of active NAT translations for UDP
 indmtd=4              	- internal index of subscriber data (subscriber metadata)
@@ Line 212: / Line 221: @@
 The format is the same.
-=== Key to command to view NAT profile statistics via fdpi_ctrl ===
+====List of NAT Translations====
+Tracking translation lifetime. Displays a list of all NAT translations for the specified internal IP address.\\
+The status of a translation is determined by the time of its last use and the lifetime parameter specified in the cluster options. If <lifetime> (in seconds) is specified, its value is used as the translation’s lifetime.
+Command format:
+<code>fdpi_cli nat show <internal_ip> [<lifetime>]</code>
+Sample output:
+<code>
+fdpi_cli nat show 172.16.120.35
+nat_type   protocol internal ip     internal port dest ip         dest port  external ip     external port active
+CGNAT      TCP      172.16.120.35   33186         0.0.0.0         0          172.16.120.4    1031          false
+CGNAT      TCP      172.16.120.35   52896         17.108.151.45   80         172.16.120.4    1024          false
+CGNAT      TCP      172.16.120.35   38762         0.0.0.0         0          172.16.120.4    1033          false
+CGNAT      TCP      172.16.120.35   40548         103.108.151.45  80         172.16.120.4    1038          false
+CGNAT      TCP      172.16.120.35   36466         17.108.151.45   443        172.16.120.4    1036          false
+CGNAT      TCP      172.16.120.35   37848         0.0.0.0         0          172.16.120.4    1026          false
+</code>
+Legend:
+<code>
+nat_type     	- NAT type (0 - CGNAT, 1 - 1:1 NAT),
+protocol     	- Layer 4 protocol (0 - TCP, 1 - UDP),
+internal_ip     - private IP,
+internal_port	- internal port,
+dest_ip     	- destination IP,
+dest_port     	- destination port,
+external_ip     - external IP,
+external_port   - external port,
+active         	- translation activity flag (true if active)
+</code>
+===== Key to command to view NAT profile statistics via fdpi_ctrl =====
 Command:
 <code>
@@ Line 259: / Line 300: @@
 <note>''rx_dispatcher'' parameter description [[en:dpi:opt_cgnat:сgnat_settings#parameters_and_possible_values|at the link]]</note>
-=== Key to command to view the dump NAT profile statistics ===
+===== Key to command to view the dump NAT profile statistics =====
 Command:
 <code>
@@ Line 331: / Line 372: @@
 	igcache          - index in the corresponding cache-slice recoding 'private --> public'
 </code>
+===== Monitoring Free/Busy Ports on Whitelisted Addresses =====
+Proactive monitoring helps avoid issues with a shortage of free ports and the resulting inability to create new sessions,
+by allocating additional blocks of whitelisted addresses or reducing port allocation limits when resources in the current pool are exhausted.
+**Free ports on a white address** = whpf (unallocated) + whp_ruse (ready for reuse)\\
+**Busy ports on a white address** = whpb (allocated) - whp_ruse (ready for reuse)

Profile

Settings

Differences

Differences

What were you trying to find?