Good day. We've got the following problem, but i cant solve it.
We have:
ASR1000-RP2
ASR1000-ESP40
ASR1000-SIP40
SPA-10X1GE-V2
SPA-10X1GE-V2
!
Kiwi Syslog Server
ASR performs the function of ISG. The number of subscribers until 10000. This number is constantly growing.
Because of the economic address space subscribers surf the Internet through NAT.
Now the task to keep logs of all translations or binds. Need to store the information about what time, certain internal IP address using the external IP.
I've tried:
!
ip nat log translations syslog
!
logging trap debugging
logging host xx.xx.xx.xx transport UDP port xxx
no logging console (so as not to load the CPU)
!
Next on the syslog server has come the following message:
...
%IOSXE-4-PLATFORM: F0: cpp_cp: QFP:0.0 Thread:064 TS:00004084523374422713 %NAT-4-DEFAULT_MAX_ENTRIES: default maximum entries value 1048576 exceeded; frame dropped
...
I did:
!
ip nat translation max-entries 10000000
!
Error stopped publishing but logs do not come.
I think of the huge number of translation per second, it can not send them as fast.
How can this problem be solved or otherwise obtain and store information about a translations?
Say what Syslog server is properly used for large volumes of data.
Thank You and sorry for my English
-----------------------------------------------------------
Прошу вас оценивать и отмечать полезные для вас сообщения.
Please rate helpful answers.
