increase addresses in PAT pool on ACE

PAUL LUFKIN · ‎10-03-2012

I have an ACE 4710 configuted in one arm mode so I am using SNAT PAT to ensure that server replies go back via the ACE.

This PAT pool is running out of TCP ports as I only have 1 address currently in the pool.

The load balancing is to 4 CAS servers doing Exchange MAPI.

What is the best method for increasing the number of available addreses in the PAT pool

I have seen the following examples

nat-pool 1 10.209.76.64 10.209.76.65 netmask 255.255.255.254 pat

and

nat-pool 1 10.209.76.65 10.209.76.65 netmask 255.255.255.255 pat

nat-pool 1 10.209.76.64 10.209.76.64 netmask 255.255.255.255 pat

there are multiple examples of

nat-pool 1 10.209.76.64 10.209.76.65 netmask 255.255.255.254 pat

in CISCO documentation however I have read a MS document that says that this scenario may result in the server receiving a different SNAT address for the same original source address resulting in a broken connection on the server.

Has anyone configured more than one address in a PAT pool when loadbalancing to Excnage MAPI service on ACS servers?

jlamousn · ‎10-03-2012

Paul,

Either configuration method is fine.

In terms of the scenario scenario you mentioned from the MS document, this will not occur on the ace.

The reason for this is that the selection of the pat pool address is strictly based on the hash of the client ip

address and the same client ip cannot use different ips in the same nat-pool.

Thanks

Joel Lamousnery

CCIE R&S - 36768

Engineer, Customer Support

Technical Services

Joel Lamousnery CCIE R&S - 36768 Engineer, Customer Support Technical Services