The nat port-block ip-used-up alarm threshold command enables the alarm threshold on the port block usage of addresses in the address pool.
The undo nat port-block ip-used-up alarm threshold command disables the alarm threshold on the port block usage of addresses in the address pool.
nat port-block ip-used-up alarm threshold threshold
undo nat port-block ip-used-up alarm threshold
| Parameter | Description | Value |
|---|---|---|
threshold |
Specifies the threshold to send logs for exhaustion of addresses in the address pool. |
The value is an integer ranging from 60 to 100. The default value is 80, in percentage. |
In a scenario where the function of sending logs and alarms when the port block usage of addresses in the address pool reaches the threshold is enabled, when the port block usage of the IP addresses in the address pool reaches the specified value, the FW sends a log and alarm to the log server.
For example, the port block size allocated to each IP user is 256. Then the number of port blocks allocatable for each address in the address pool is 248 (for example, the smallest allocatable port is 2048, and the largest allocatable port is 65535; then the number of port blocks is (65535-2048+1)/256 = 248). If the address pool has 10 IP addresses, there will be 2480 port blocks. When the number of used port blocks in the address pool reaches 2480 x 80% , the FW sends a log CGN/4/POOL_USEDUP and CGN_1.3.6.1.4.1.2011.6.122.18.3.2.9 hwSecTrapPortRangePoolUsedUp. 80% is the value of threshold number, which is the threshold. When the number of port blocks in the address pool is smaller than 2480 x 80% , the FW sends the CGN/5/POOL_NORMAL log and the CGN_1.3.6.1.4.1.2011.6.122.18.3.2.10 hwSecTrapPortRangePoolNormal alarm.