cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
895
Views
5
Helpful
2
Replies

Latency or disconnection because of NAT Translation

BSCMITTAA1
Level 1
Level 1

Hello Expert,

 

We are seeing some issue with Office 365 traffic ( outlook, share-point, one-drive and Team etc), We are overloading the traffic on outlook interface and routing the traffic directly to ISP.

We observed the issue mainly in peak hours.

We assume that this might be because of NAT translation are reaching around 60K or sometime 62K but I think theoretically we can maximum up to 64K. 
We don't have any nat translation exceeding log in switch log. Please help if you have any suggestion to check if this slowness or disconnection is because of nat translation, or any other cisco command to check the nat drop etc.

=============================

Router-02#sh ip nat statistics
Total active translations: 59137 (1 static, 59136 dynamic; 59136 extended)
Outside interfaces:
TenGigabitEthernet0/0/0
Inside interfaces:
TenGigabitEthernet0/0/1, GigabitEthernet0/0/0, Loopback10
Hits: 194067918672 Misses: 286922083
Expired translations: 288463623
Dynamic mappings:
-- Inside Source
[Id: 3] access-list preventice_nat interface TenGigabitEthernet0/0/0 refcount 0
[Id: 1] access-list sdwan_nat interface TenGigabitEthernet0/0/0 refcount 0
[Id: 2] access-list skype_nat interface TenGigabitEthernet0/0/0 refcount 58992
nat-limit statistics:
max entry: max allowed 0, used 0, missed 0
In-to-out drops: 248117271 Out-to-in drops: 6517667
Pool stats drop: 0 Mapping stats drop: 0
Port block alloc fail: 3321664
IP alias add fail: 0
Limit entry add fail: 0

2 Replies 2

the timeout is effect here, 
the NAT add entry in table, and new traffic come but the client use different port so it need to add new entry in table and this exhaust the PAT port.

reduce the timeout so the Router can free OLD entry and can re-use it.
what is your traffic is it UDP or TCP ? I think it is TCP so reduce the timeout and monitor the NAT statistic.

Thank you for your response.

 

Yes, traffic is TCP and currently we have timed out configured as 8 hours.

 

as NAT translation reaching around 85 to 90%, Do you believe this can cause slowness or disconnection in office 365 traffic ? 

as we don't see any NAT drop in show log.

 

Again, thanks for looking 

Review Cisco Networking for a $25 gift card