RE: NAT problem

From: Sudhanshu Gupta (sudhanshu.gupta@xxxxxxxxxxx)
Date: Fri May 10 2002 - 04:38:29 GMT-3

• Next message: p729@xxxxxxx: "OT: New Plaque"
• Previous message: Nick Shah: "Re: NAT problem"
• Maybe in reply to: Sudhanshu Gupta: "NAT problem"
• Next in thread: Nick Shah: "Re: NAT problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Nick,
Thanks.
We already upgraded the IOS and tried clearing NAT table with "clear ip nat tra
n * " but that didn't help.
-sudhanshu

ps:
relevent portions of config are:

outside interface - serial 1/0
inside interface - FastEther 1/0 and async65

!
ip local pool classpool 10.49.67.130 10.49.67.254
ip nat translation timeout 3600
ip nat translation tcp-timeout 3600
ip nat pool aod x.y.z.67 x.y.z.70 netmask 255.255.255.248
ip nat inside source list 1 pool aod overload
ip classless

> -----Original Message-----
> From: Nick Shah [SMTP:nshah@connect.com.au]
> Sent: Friday, May 10, 2002 1:06 PM
> To: Sudhanshu Gupta; ccielab@groupstudy.com
> Subject: Re: NAT problem
>
> I saw this prob. once on a customer network (Cisco 1720), basically he was
> doing PAT (NAT on single public ip address). We upgraded the IOS and the
> issue was resolved. In his case the number of NAT entries were running into
> 100's. There seems to be a bug associated with it (cant recall it now.) I
> think there may be a bottleneck associated with amount of memory / number of
> NAtted entries that can exist.
>
> But I also figured out that you can do a clear ip nat trans * and then the
> router will purge the current NAT dynamic entries and starts working again
> (till it hits the bottleneck again). Try this as a workaround..
>
> Permanent workaround (if you are indeed using PAT) would be to allocate a
> small pool of public IP addresses and do a NAT on that.
>
> hth
> Nick
>
>
> -----Original Message-----
> From: Sudhanshu Gupta <sudhanshu.gupta@wipro.co.in>
> To: ccielab@groupstudy.com <ccielab@groupstudy.com>
> Date: Friday, 10 May 2002 5:14
> Subject: NAT problem
>
>
> >Team,
> >Can any one shed some light on this. We start getting these message on our
> 3660. It was running on 12.2 (3) and we upgrded it to 12.2 (7)b, but the
> message havn't stopped. And router stops doing any NAT translation. Only
> reboot helps.
> >
> >15:40:54: NAT: address not stolen for 10.49.67.178, proto 17 port 1102
> >15:40:54: NAT: failed to allocate address for 10.49.67.178, list/map 1
> >15:40:54: NAT: translation failed (A), dropping packet s=10.49.67.178
> d=212.162.
> >
> >Any ideas.
> >Thanks for help.
> >-sudhanshu

• Next message: p729@xxxxxxx: "OT: New Plaque"
• Previous message: Nick Shah: "Re: NAT problem"
• Maybe in reply to: Sudhanshu Gupta: "NAT problem"
• Next in thread: Nick Shah: "Re: NAT problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:54 GMT-3