Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
839
Views
5
Helpful
3
Replies

What does PAT do if a dynamic port is already registered to another IP?

Go to solution
Viscid
Level 1
Level 1

ā€Ž06-26-2016 05:14 PM - edited ā€Ž03-05-2019 04:18 AM

Hi all,

What does a router do if it receives a packet attempting to access a public IP with a source port that has already been mapped to another private IP address? I was also wondering what happens in the unlikely event that a router runs out of ports to use for PAT, theoretically at least.

Thanks for your time.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

ā€Ž06-26-2016 05:50 PM

Hi,

What does a router do if it receives a packet attempting to access a public IP with a source port that has already been mapped to another private IP address?

If the source port is already used for another existing translation, the router will choose another free port and will rewrite both the source IP and the source port. Cisco routers split the source ports into three subsets: 0-511, 512-1023, 1024-65535, and depending on where the original source port falls into, they will try to allocate the first free port from the corresponding group.

I was also wondering what happens in the unlikely event that a router runs out of ports to use for PAT, theoretically at least.

Cisco routers will drop the packets that were intended to be subject to PAT but for which there was no free port left.

Best regards,
Peter

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

ā€Ž06-26-2016 05:50 PM

Hi,

What does a router do if it receives a packet attempting to access a public IP with a source port that has already been mapped to another private IP address?

If the source port is already used for another existing translation, the router will choose another free port and will rewrite both the source IP and the source port. Cisco routers split the source ports into three subsets: 0-511, 512-1023, 1024-65535, and depending on where the original source port falls into, they will try to allocate the first free port from the corresponding group.

I was also wondering what happens in the unlikely event that a router runs out of ports to use for PAT, theoretically at least.

Cisco routers will drop the packets that were intended to be subject to PAT but for which there was no free port left.

Best regards,
Peter

0 Helpful

Go to solution
Viscid
Level 1
Level 1
In response to Peter Paluch

ā€Ž06-26-2016 06:05 PM

If the source port is already used for another existing translation, the router will choose another free port and will rewrite both the source IP and the source port.

So the router stores these changes and then upon receiving a packet back with the modified source port and source IP translates them back to their original values?

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Viscid

ā€Ž06-26-2016 06:08 PM

Hi,

So the router stores these changes and then upon receiving a packet back with the modified source port and source IP translates them back to their original values?

Yes, that's correct - but keep in mind that upon receiving a packet back, it is the destination IP address and port that will get rewritten to the original private IP address and the original port (remember, a response coming back has the addressing information reversed).

Best regards,
Peter

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card