Hello,
I am currently having issues with a router having PAT configured. It works well for a moment but after a couple of hours, the router stops working becuase it has a lot of active translations (200K or more). Take in mind that this is a backup router and the main router hasn't any problem and just has 30.000 active sessions usually.
I am currently looking that the Out-to-in drops (in nat statistics) are constantly getting increased, even when this router just has a few active sessions currently because mos ot the traffic is going through the main router now.
Rourter#show ip nat statistics
Total active translations: 337 (21 static, 316 dynamic; 327 extended)
Outside interfaces:
GigabitEthernet0/0/0.10
Inside interfaces:
Vlan30
Hits: 377 Misses: 136
Expired translations: 141
Dynamic mappings:
-- Inside Source
[Id: 2] access-list 101 interface GigabitEthernet0/0/0.10 refcount 6
-- Outside Source
[Id: 1] access-list 180 pool NAT-TEST refcount 0
pool NAT-TEST: id 1, netmask 255.255.255.0
start 192.168.1.1 end 192.168.1.254
type generic, total addresses 254, allocated 0 (0%), misses 0
nat-limit statistics:
max entry: max allowed 500000, used 316, missed 0
In-to-out drops: 616344 Out-to-in drops: 1647470
Pool stats drop: 0 Mapping stats drop: 0
Port block alloc fail: 22886
IP alias add fail: 0
Limit entry add fail: 0
I am not sure why I am getting the drops increased currently. Can you please help me?. Thank you very much.
Best Regards.
