Re: IPv4 NATs not working

jseilerwfg · ‎06-29-2012

I've been struggling for this one now for about 3 weeks.

We have a router that boarders a B2B connection and within the config we NAT our internals to a specific set of addresses.

So, for example (addresses have been changed from production):

ip nat inside source static 192.168.1.22 192.168.2.22

ip nat inside source static 192.168.1.23 192.168.2.23

ip nat inside source static 192.168.1.27 192.168.2.27

ip nat inside source static 192.168.1.28 192.168.2.28

ip nat inside source static 192.168.1.77 192.168.2.77 <--- Problem child

!

ip nat translation timeout 300

What I am running into is the 192.168.1.77 inside local (aka Real) is a DNS server that forwards requests to another DNS server across our B2B connection. Every-so-often, the router decides to stop translating the address and nobody can access certain hosts. I have to issue 'clear ip nat translation *' to get it working aging.

2811 Running 12.4(24)T3

TIA!

handoko wiyanto · ‎06-29-2012

Did you check the cpu and memory utilization before clearing the nat translation?

Sent from Cisco Technical Support iPad App

jseilerwfg · ‎06-29-2012

Yep, It's snoozing

pompeychimes · ‎06-29-2012

For what its worth my strange NAT problems have always be resolved with an IOS change.

James

jseilerwfg · ‎06-29-2012

Yeah, I'm thinking about jumping up to T5 on the current train. I've also had it freak out when using object-groups in ACLs

handoko wiyanto · ‎06-29-2012

hi,

how much dram and flash do you have for that router?

i was reading release note here

http://www.cisco.com/en/US/docs/ios/12_4t/release/notes/124TCAVS.html

it seems that those T releases do have problems with nat

well, perhaps T5 is a good start, but im suggesting you start with T7, it resolve quite important bug:

CSCtg47129

Symptoms: A memory leak is seen when NAT is configured.

Conditions: This symptom is observed when NAT is configured.

Workaround: There is no workaround.

regards,