NAT Issue

eknell
Level 1

I am running PAT on our core 7609 for all our private IP customers. For some reason I am constantly getting a "%IPNAT-4-ADDR_ALLOC_FAILURE: Address allocation failed for 10.192.32.21, pool Inat might be exhausted" error message for one particular IP. I know I haven't exhausted my NAT/PAT table, and I only seem to get the message on the same IP all the time.

Here is my NAT (PAT) config:

ip nat pool Inat x.x.238.2 x.x.238.6 prefix-length 29
ip nat inside source list 3 pool Inat overload
access-list 3 permit 10.190.0.0 0.0.255.255
access-list 3 permit 10.180.0.0 0.0.255.255
access-list 3 permit 10.189.0.0 0.0.255.255
access-list 3 permit 10.192.0.0 0.0.255.255
access-list 3 permit 10.194.0.0 0.0.255.255
access-list 3 permit 10.2.0.0 0.0.0.255
access-list 3 permit 10.32.0.0 0.0.255.255
access-list 3 permit 10.64.0.0 0.0.255.255
access-list 3 permit 10.128.0.0 0.0.255.255
access-list 3 permit 172.16.1.0 0.0.0.63

ET7609#sho ip nat st
Total active translations: 4638 (1 static, 4637 dynamic; 4634 extended)
Outside interfaces:
POS4/0/0, POS4/1/0
Inside interfaces:
Vlan1, Vlan15
Hits: 35298003 Misses: 815345
Expired translations: 814176
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 3 pool Inat refcount 4637
pool Inat: netmask 255.255.255.248
start x.x.238.2 end x.x.238.6
type generic, total addresses 5, allocated 4 (80%), misses 280

Any help would be appreciated.

Thanks,

Ethan

1 Reply

murabi
Level 4

This message indicates that an address could not be allocated from the IP NAT pool. This condition can cause a translation failure and might result in packets being dropped. The counter for missed packets will be incremented.

Recommended Action: Determine if the NAT pool has been exhausted. To reuse any existing addresses in the NAT pool for new packet flows, clear the current NAT entries using the clear ip nat translation command.

Note: This will cause a momentary hit to users while the NAT table is rebuilt.
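
One way to make the "determine if the NAT pool has been exhausted" check repeatable, as an added example that is not part of the original thread: a Python parser for the `show ip nat statistics` output, run over an excerpt of the text posted in the question. The function names, dictionary keys and the "exhausted" rule (allocated addresses equal to total addresses) are assumptions of this example.

```python
import re

# `show ip nat statistics` text as posted in the question (excerpt, blank lines collapsed).
SAMPLE = """\
Total active translations: 4638 (1 static, 4637 dynamic; 4634 extended)
Hits: 35298003 Misses: 815345
Expired translations: 814176
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 3 pool Inat refcount 4637
pool Inat: netmask 255.255.255.248
start x.x.238.2 end x.x.238.6
type generic, total addresses 5, allocated 4 (80%), misses 280
"""

TOTALS = re.compile(r"Total active translations:\s*(\d+)\s*\((\d+) static, (\d+) dynamic; (\d+) extended\)")
POOL = re.compile(r"^\s*pool (\S+): netmask")
USAGE = re.compile(r"total addresses (\d+), allocated (\d+) \((\d+)%\), misses (\d+)")


def parse_nat_stats(text):
    """Return (translation totals, list of per-pool usage dicts)."""
    totals, pools, name = {}, [], None
    for line in text.splitlines():
        if m := TOTALS.search(line):
            keys = ("active", "static", "dynamic", "extended")
            totals = dict(zip(keys, map(int, m.groups())))
        elif m := POOL.match(line):
            name = m.group(1)  # the usage line for this pool follows below
        elif (m := USAGE.search(line)) and name:
            total, allocated, percent, misses = map(int, m.groups())
            pools.append({"name": name, "total": total, "allocated": allocated,
                          "percent": percent, "misses": misses,
                          # assumption: "exhausted" means every pool address is in use
                          "exhausted": allocated >= total})
            name = None
    return totals, pools


def summarize(text):
    """One line per pool, suitable for a periodic check or a log entry."""
    totals, pools = parse_nat_stats(text)
    out = []
    for p in pools:
        state = "EXHAUSTED" if p["exhausted"] else "ok"
        out.append(f"pool {p['name']}: {p['allocated']}/{p['total']} addresses "
                   f"({p['percent']}%), {p['misses']} misses, "
                   f"{totals.get('dynamic', 0)} dynamic translations [{state}]")
    return out


if __name__ == "__main__":
    print("\n".join(summarize(SAMPLE)))
```

On the posted output this reports 4 of 5 pool addresses allocated alongside a non-zero pool miss counter, so comparing the miss counter between runs shows whether allocation failures are still occurring.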
