Knowledge Search


×
 

[SRX] Checking the maximum number of NAT sessions supported for vSRX and Branch SRX

  [KB33312] Show Article Properties


Summary:

Administrators may be concerned about the number of Network Address Translation (NAT) sessions that are supported on their devices to ensure that the NAT number is sufficient for their environments.

This article shows how to check the total number of NAT sessions supported by the vSRX and Branch SRX devices by using the Command Line Interface (CLI).

 

Solution:

To check the maximum number of NAT sessions, enter show usp nat cp sysconf at the VTY prompt, and then check the usp_max_nat_session line.

‚ÄčvSRX

On vSRX, enter the shell as root, access the VTY, and then enter the above command. Note that the command to enter the VTY prompt on vSRX is different from that used for Branch SRX.

root> start shell user root
root@% vty fpc0

TOR platform (1899Mhz Intel(R) Xeon(R) processor, 1536MB memory, 16384KB flash)

FLOWD_VSRX_S( vty)# show usp nat cp sysconf
usp_max_nat_pport_dst = 24
usp_max_nat_pat_port_num = 50331648
usp_max_nat_pat_addr = 768
usp_max_nat_no_pat_addr = 98304
usp_nat_cookie_num = 5
usp_max_nat_session = 524288
usp_max_rm_client_num = 0
usp_max_h323_call_num = 1536
mgcp_transaction_hash_max_entries = 1024
usp_max_sccp_call_num = 1536
usp_max_tcpproxy_connection = 49152
usp_max_mgcp_call_num = 1536
usp_max_sip_call_num = 1536
usp_max_rtsp_connections = 1536
usp_trace_max_num_records = 1000
usp_max_concurrent_auth_users = 1024

As seen above, the maximum number of NAT sessions is 524288. Type exit to leave the VTY prompt, and then cli to get back to the operational mode prompt.

 

Branch SRX

For Branch SRX devices, the process is the same, but the command to enter the VTY prompt is different. Type vty fwdd to enter the VTY prompt:

root@SRX550> start shell user root
root@SRX550% vty fwdd

BSD platform (OCTEON processor, 992MB memory, 16384KB flash)

FLOWD_OCTEON(SRX550 vty)# show usp nat cp sysconf
usp_max_nat_pport_dst = 16
usp_max_nat_pat_port_num = 67108864
usp_max_nat_pat_addr = 512
usp_max_nat_no_pat_addr = 131072
usp_nat_cookie_num = 5
usp_max_nat_session = 262144
usp_max_rm_client_num = 0
usp_max_h323_call_num = 512
mgcp_transaction_hash_max_entries = 1024
usp_max_sccp_call_num = 512
usp_max_tcpproxy_connection = 8192
usp_max_mgcp_call_num = 512
usp_max_sip_call_num = 512
usp_max_rtsp_connections = 512
usp_trace_max_num_records = 1000
usp_max_concurrent_auth_users = 1000

As seen above, the maximum number of NAT sessions is 262144. As with vSRX, type exit to leave the VTY prompt and cli to go back to the operational mode prompt.

 

Related Links: