NOVELL TECHNICAL INFORMATION DOCUMENT

TITLE: Updated & enhanced NAT.NLM
TID #: 2960638
README FOR: nat600d.exe
SUPERSEDES: nat10.exe

NOVELL PRODUCTS and VERSIONS:
NetWare 4.2
NetWare 5.1
NetWare 6

ABSTRACT:
This patch contains the latest NAT.NLM for NetWare 4.2, 5.1 and 6.0

-----------------------------------------------------------------
DISCLAIMER
THE ORIGIN OF THIS INFORMATION MAY BE INTERNAL OR EXTERNAL TO NOVELL.
NOVELL MAKES ALL REASONABLE EFFORTS TO VERIFY THIS INFORMATION.
HOWEVER, THE INFORMATION PROVIDED IN THIS DOCUMENT IS FOR YOUR
INFORMATION ONLY. NOVELL MAKES NO EXPLICIT OR IMPLIED CLAIMS TO THE
VALIDITY OF THIS INFORMATION.
-----------------------------------------------------------------

INSTALLATION INSTRUCTIONS:

1. Back up old NAT.NLM by renaming to another extension.
2. Copy NAT.NLM to the SYS:\SYSTEM directory.
3. Reboot the server.

ISSUE:

This NAT.NLM provides a number of new commands that will help
troubleshoot and often solve NAT hang problems:

1. SET nat periodic cleanup time - this command sets the periodic
   cleanup time for NAT in MINUTES (default = 3 MINUTES). Dropping this
   down to 1 minute can help free up slots in the TCP connection table
   when the NAT server has a lot of users going through it.

2. _dumpnattcp - this command dumps the contents of the TCP connection
   table to the sys:\etc\nattcp.log.

The information dumped includes the following from the NAT connection:

SRC IP Address | Orig private Port | Translated public Port | Dest IP Address | Dest Port | State | LAT(Sec)

where:

- SRC IP Address is the source IP address of workstation on the
  private network

- Orig private Port is the TCP source port of the TCP session on the
  private network (1025 - 65535 range)

- Translated public Port is the TCP source port of the TCP session on
  the public network (55000 - 60000 range)

- Dest IP Address is the destination IP address of the request (will
  remain the same on both the private and public side of the NAT
  router)

- Dest Port is the destination TCP port for the request (will remain
  the same on both the private and public side of the NAT router)

- State is the state of the session as far as the NAT TCP connection
  table is concerned. There are 8 possible states that are represented
  by the various bits enabled

  CS_WAITING_FOR_SYN_ACK      (1<<0)  // waiting for ack to syn
  CS_SEEN_SYN_ACK             (1<<1)  // seen the syn ack
  CS_WAITING_FOR_ADJUST_ACK   (1<<2)  // waiting for adjustment ack
  CS_WAITING_FOR_PRV_FIN_ACK  (1<<3)  // waiting for fin ack from prv
  CS_WAITING_FOR_PUB_FIN_ACK  (1<<4)  // waiting for fin ack from pub
  CS_SEEN_PRV_FIN_ACK         (1<<5)  // seen the prv fin ack
  CS_SEEN_PUB_FIN_ACK         (1<<6)  // seen the pub fin ack
  CS_FTP_DATA_CONNECTION      (1<<7)  // FTP Data connection
  CS_WAITING_FOR_PUB_SYN      (1<<8)  // waiting pub syn after "PORT"

  A typical connection would have a state of 00000010. This implies
  that the only flag that is enabled is the CS_SEEN_SYN_ACK which
  indicates that we've seen the SYN ACK from the remote TCP server and
  have probably successfully established the connection. This state is
  totally valid.

  This is the key field as far as troubleshooting is concerned. If the
  CS_WAITING_FOR_PUB_FIN_ACK or CS_WAITING_FOR_PRV_FIN_ACK flags are
  enabled for more than 2 minutes, then an issue with the closing of
  the connections may be taking place.

- LAT(Sec) specifies the amount of time the connection has been active
  for.

Self-Extracting File Name: nat600d.exe

Files Included       Size      Date         Time
..\
   NAT600D.TXT       (This file)
   NAT.NLM           468847    10-24-2001   12:25:12 pm

-----------------------------------------------------------------
Any trademarks referenced in this document are the property of their
respective owners. Consult your product manuals for complete
trademark information.
-----------------------------------------------------------------
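
ADDED EXAMPLE (not part of the Novell README or the NAT.NLM package): a sketch that decodes the State bits described above and compares two _dumpnattcp dumps to find connections that have been waiting on a FIN ACK for more than 2 minutes. It assumes each data line in nattcp.log is pipe-separated in the column order listed above, with State printed as a binary string like 00000010; the function names and sample rows are constructed for illustration.

```python
# Added example: column layout and binary State rendering are assumptions.
FLAGS = [
    "CS_WAITING_FOR_SYN_ACK", "CS_SEEN_SYN_ACK", "CS_WAITING_FOR_ADJUST_ACK",
    "CS_WAITING_FOR_PRV_FIN_ACK", "CS_WAITING_FOR_PUB_FIN_ACK",
    "CS_SEEN_PRV_FIN_ACK", "CS_SEEN_PUB_FIN_ACK",
    "CS_FTP_DATA_CONNECTION", "CS_WAITING_FOR_PUB_SYN",
]  # list index == bit position, matching the README's (1<<n) table
FIN_WAIT = (1 << 3) | (1 << 4)   # PRV or PUB FIN ACK still outstanding
THRESHOLD_SEC = 120              # the README's "more than 2 minutes"

def decode_state(state):
    """Return the names of the flags set in a State value."""
    return [name for bit, name in enumerate(FLAGS) if state & (1 << bit)]

def parse_dump(text):
    """Map connection 5-tuple -> (state, lat_sec); skip non-data lines."""
    table = {}
    for line in text.splitlines():
        cols = [c.strip() for c in line.split("|")]
        if len(cols) != 7:
            continue
        try:
            table[tuple(cols[:5])] = (int(cols[5], 2), int(cols[6]))
        except ValueError:   # header or other non-data line
            continue
    return table

def stuck_closes(earlier, later):
    """Connections with the same FIN-wait flag set in both dumps, whose
    LAT grew by more than THRESHOLD_SEC between them."""
    hits = []
    for key, (state, lat) in later.items():
        old = earlier.get(key)
        if old and state & old[0] & FIN_WAIT and lat - old[1] > THRESHOLD_SEC:
            hits.append((key, decode_state(state)))
    return hits

# Constructed sample dumps (not real log output), taken 150 seconds apart.
DUMP_A = """\
SRC IP Address | Orig private Port | Translated public Port | Dest IP Address | Dest Port | State | LAT(Sec)
10.0.0.5 | 1031 | 55001 | 192.0.2.10 | 80 | 00000010 | 40
10.0.0.6 | 1042 | 55002 | 192.0.2.10 | 80 | 00010010 | 300
10.0.0.7 | 1050 | 55003 | 192.0.2.20 | 21 | 00001010 | 15
"""
DUMP_B = """\
10.0.0.5 | 1031 | 55001 | 192.0.2.10 | 80 | 00000010 | 190
10.0.0.6 | 1042 | 55002 | 192.0.2.10 | 80 | 00010010 | 450
10.0.0.7 | 1050 | 55003 | 192.0.2.20 | 21 | 00100010 | 165
"""
```

Calling stuck_closes(parse_dump(DUMP_A), parse_dump(DUMP_B)) reports only the 10.0.0.6 session, which still has CS_WAITING_FOR_PUB_FIN_ACK set in both dumps.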