CGN behavior on ASR1001X

jny
Level 1

Trying to determine how the CGN function balances sessions across a pool of public IPs.

 

With my current config (see below), NAT'ing jumps wildly between public IPs. An "inside" host changes public IP per session. I expected this, but not at this level.

 

On an "outside" server, I logged this.  

 

<SNIP>

Mon, 05 Aug 2019 15:20:54 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.78}
Mon, 05 Aug 2019 15:25:02 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.78}
Mon, 05 Aug 2019 15:26:05 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.78}
Mon, 05 Aug 2019 15:48:13 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.79}
Mon, 05 Aug 2019 15:57:04 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.78}
Mon, 05 Aug 2019 15:59:06 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.79}
Mon, 05 Aug 2019 15:59:13 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.78}
Mon, 05 Aug 2019 16:02:25 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.79}
Mon, 05 Aug 2019 16:03:44 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.78}
Mon, 05 Aug 2019 16:03:53 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.79}
Mon, 05 Aug 2019 16:13:52 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.79}
Mon, 05 Aug 2019 16:21:55 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.78}
Tue, 06 Aug 2019 08:30:44 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.79}

Tue, 06 Aug 2019 08:59:15 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.64}

</SNIP>

 

The NAT function works fine, but I would like some more "stickiness". The docs do not describe anything useful.

 

!

ip nat settings mode cgn
no ip nat settings support mapping outside
no ip nat service pptp
ip nat pool POOL1 42.42.42.64 42.42.42.79 prefix-length 28
prefix-length 24
ip nat inside source list CGN-PRIVATE-SPACE1 pool POOL1 overload
ip nat inside source list CGN-PRIVATE-SPACE2 pool POOL1 overload
!

ip access-list standard CGN-PRIVATE-SPACE1
permit 100.64.0.0 0.0.63.255

ip access-list standard CGN-PRIVATE-SPACE2
permit 100.64.64.0 0.0.63.255
!

 

 

/Nykaer
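
One way to quantify the churn visible in the log above, as an added example that is not part of the original post: it parses lines in that format (tolerating the missing closing quote after the address) and reports, per username, how many distinct public IPs appear and how often the address changes between consecutive entries. The function names and the check against POOL1 (42.42.42.64/28) are assumptions of this example; the sample is a subset of the posted log lines.

```python
import ipaddress
import re
from collections import Counter
from email.utils import parsedate_to_datetime

# Sample input: a subset of the log lines posted above, embedded so this runs offline.
SAMPLE = """\
Mon, 05 Aug 2019 15:20:54 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.78}
Mon, 05 Aug 2019 15:25:02 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.78}
Mon, 05 Aug 2019 15:48:13 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.79}
Mon, 05 Aug 2019 15:57:04 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.78}
Mon, 05 Aug 2019 15:59:06 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.79}
Tue, 06 Aug 2019 08:59:15 +0200 [ERROR] {"username":"REMOTE-PROBE","remote":"42.42.42.64}
"""
POOL = ipaddress.ip_network("42.42.42.64/28")  # POOL1 range from the config above

# The JSON payload lacks the closing quote on "remote", so json.loads() would
# reject it; a regex with an optional quote handles both broken and valid lines.
LINE_RE = re.compile(
    r'^(?P<ts>\w{3}, \d{2} \w{3} \d{4} [\d:]{8} [+-]\d{4}) \[\w+\] '
    r'\{"username":"(?P<user>[^"]+)","remote":"(?P<ip>[0-9.]+)"?\}$'
)

def parse(text):
    """Return (timestamp, username, source IP) tuples sorted by time."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # skip blank or unrelated lines
            events.append((parsedate_to_datetime(m["ts"]), m["user"],
                           ipaddress.ip_address(m["ip"])))
    return sorted(events, key=lambda e: e[0])

def churn(events, pool=POOL):
    """Per username: entries seen, per-IP counts, IP switches, entries outside the pool."""
    stats, last = {}, {}
    for _, user, ip in events:
        s = stats.setdefault(user, {"sessions": 0, "ips": Counter(),
                                    "switches": 0, "outside_pool": 0})
        s["sessions"] += 1
        s["ips"][str(ip)] += 1
        s["outside_pool"] += ip not in pool
        s["switches"] += user in last and last[user] != ip
        last[user] = ip
    return stats

if __name__ == "__main__":
    print(churn(parse(SAMPLE)))
```

A high ratio of switches to sessions for one username is the behaviour described in the post, and it is what breaks IP-bound session checks or per-IP rate limits on the outside server.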

1 Accepted Solution

Try to set ip nat settings pap limit 30 bpa

Also, you could set a timeout for connections.
