Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3117
Views
0
Helpful
1
Replies

NAT TIMEOUT RECOMMENDATIONS

nicolasvibert
Level 1
Level 1

‎08-09-2005 05:20 AM - edited ‎03-03-2019 10:14 AM

Hello,

My client has PAT configured, on a 3725 and its NAT Translation table has about 1000 translations.

We would like to lower this number with the following commands:

ip nat translation udp-timeout <seconds>

ip nat translation dns-timeout <seconds>

ip nat translation tcp-timeout <seconds>

ip nat translation finrst-timeout <seconds>

When port translation is configured, there is finer control over translation entry timeouts, because each entry contains more context about the traffic using it. Non-DNS UDP translations time out after 5 minutes; DNS times out in 1 minute. TCP translations time out after 24 hours, unless a RST or FIN is seen on the stream, in which case it times out in 1 minute.

I was wondering if Cisco recommended any timeout, obviously lower than the default ones above, but not too low to disrupt the network.

any ideas?

Thanks,

Nicolas

Labels:
0 Helpful
1 Reply 1

thomas.chen
Level 6
Level 6

‎08-12-2005 12:45 PM

Don't think there are any low values defined for the timeout values. The default values are the same as you had mentioned. Non-DNS UDP translations time out after 5 minutes, and DNS times out in 1 minute. TCP translations time out in 24 hours, unless an RST or FIN bit is seen on the stream, in which case they will time out in 1 minute.

0 Helpful
Customers Also Viewed These Support Documents