01-22-2016 05:18 AM - edited 02-21-2020 05:42 AM
Hi All,
I just want to know about the results of NAT translations below. Need to know your inputs. Don't know what are the meaning of highlighted below. Thanks in advance!
Router1:
Total active translations: 2600 (4 static, 2596 dynamic; 2596 extended)
Outside interfaces:
GigabitEthernet0/1/0
Inside interfaces:
Port-channel1.99, Port-channel1.100, Port-channel1.101
Hits: 915070021 Misses: 7640111
Expired translations: 7576409
Dynamic mappings:
-- Inside Source
[Id: 2] access-list NAT_ACL interface GigabitEthernet0/2/0 refcount 2513
nat-limit statistics:
max entry: max allowed 0, used 0, missed 0
In-to-out drops: 176674 Out-to-in drops: 24189
Pool stats drop: 0 Mapping stats drop: 0
Port block alloc fail: 46628
IP alias add fail: 0
Limit entry add fail: 0
Router2:
Total active translations: 5029 (1 static, 5028 dynamic; 5028 extended)
Outside interfaces:
GigabitEthernet0/0/1, GigabitEthernet0/1/0
Inside interfaces:
GigabitEthernet0/0/0, Port-channel2.99, Port-channel2.100
Port-channel2.101
Hits: 546320465 Misses: 6446100
Expired translations: 6445134
Dynamic mappings:
-- Inside Source
[Id: 3] access-list NAT_ACL interface GigabitEthernet0/1/0 refcount 5027
nat-limit statistics:
max entry: max allowed 0, used 0, missed 0
In-to-out drops: 80066 Out-to-in drops: 59164
Pool stats drop: 0 Mapping stats drop: 0
Port block alloc fail: 74851
IP alias add fail: 0
Limit entry add fail: 0
-Matt
01-22-2016 02:37 PM
How you got any NAT restrictions configured, like:
ip nat translation max-entries ...
01-22-2016 05:23 PM
No. I dont have configured max-entries. The only suggested to configured for me is the 1hr expiration of translation "ip nag translation timeout 3600". Is there anything wrong on the outputs of the nat stat?
01-22-2016 06:14 PM
I'm confused by the "id" in the output. Is by chance an HSRP NAT configuration?
01-22-2016 06:25 PM
Yes. We used HSRP NAT configuration. So the Router1 is the primary for the half of the traffic and the Router 2 for the other half.
01-22-2016 10:33 PM
I suspect these numbers my reflect that the standby can't apply the NATs that it knows about because it is the standby, and on becoming active it will work.
Not sure. If you aren't observing any issues I don't think I would worry about it.
01-24-2016 04:52 PM
BTW. Our setup are just like this.
ISP1 ISP2
HSRP1 - Active HSRP2 - Active
HSRP2 - Standby HSRP1 - Standby
NAT1 NAT2
I observed that the slowness occurs eventually in ISP2. When I try to re-route some traffic from ISP2 to ISP1. I haven't received an issue occurrence.
Do you know what was the meaning of this part in the results?
"In-to-out drops: 80066 Out-to-in drops: 59164"
Thanks!
01-24-2016 05:02 PM
I don't know. My guest guess is the router dropped the packet because it was being processed by the other router (aka was in HSRP standby mode).
01-25-2016 09:31 PM
Is NAT can cause of latency/disconnections?
01-25-2016 09:38 PM
Latency, not usually. Disconnections, yes if it is having a problem.
01-28-2016 09:28 PM
Ok. Maybe I should take a look deep to the NAT issues. Thanks Bro! Have a nice a day.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide