
Dynamic NAT & IP release

lv426
Level 1

Hi,

I'm studying NAT and there is something I don't understand about dynamic NAT, so maybe you guys can help.

I have used both Packet Tracer (7.1) and a small lab to test NAT.

My topology is quite simple: 3 PCs/clients, a switch, two routers (A/B), and a web server. NAT is performed on router A. B is the remote router.

I set up a pool with 2 IPs.

On Packet Tracer, with a browser, PC 1 can access the server. PC 2 can as well. PC 3 cannot, which is normal.

Now, I have read several times that, for dynamic NAT, when an IP is no longer used it is released and made available in the pool again. My problem is that, on Packet Tracer, the IP remains 'captive' even if the browser is closed.

I thought it might be 'weird' Packet Tracer behaviour, so I tried in a lab with two routers A/B (1841/IOS 15) and three loopbacks on A, pinging from lo 0/1/2 to the Outside Global on B. The behaviour is the same.

So I guess I'm missing something here.

Any help appreciated :p

Eric

Accepted Solutions

Rich Uline
Level 1

Lv426,

A dynamic NAT translation will remain active for some time after it is last used. I believe that is somewhere in the neighborhood of 24 hrs. You can change this behavior using the 'ip nat translation timeout' command and its more specific children. Additionally, a modern HTTP session is typically persistent and never closed, so the router will never see a FIN packet.


Thank you for your quick answer. It's perfectly clear.

Now I must investigate the scenarios where dynamic NAT is useful, because right now I don't see much interest.

 

Anyway, thank you again Rich

 

Eric

Self-reply :p

 

I was forgetting a simple thing:

 

hosts number < pool : Dynamic NAT w/pool

hosts number > pool : Dynamic NAT w/pool+overload

 

Makes sense now.

 

Good day!

 

Eric
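The behaviour discussed in this thread, as an added example that is not part of the original posts and is not Cisco IOS code: a simplified Python model of a dynamic NAT table with an idle timeout, run against the three-PC, two-address lab from the question, with and without overload. The addresses, port numbering and the `DynamicNat` and `lab_scenario` names are assumptions made for illustration.

```python
"""Simplified model of a dynamic NAT table (illustrative, not Cisco IOS code)."""

DEFAULT_TIMEOUT = 86400  # seconds; the roughly 24 h idle timeout mentioned in the answer


class DynamicNat:
    def __init__(self, pool, timeout=DEFAULT_TIMEOUT, overload=False):
        self.pool = list(pool)      # inside global addresses (constructed sample values)
        self.timeout = timeout      # idle seconds before an entry is released
        self.overload = overload    # True models "pool + overload" (PAT)
        self.table = {}             # inside local IP -> [global IP, port, last_used]
        self.next_port = 1024       # assumed starting port for the overload model

    def _expire(self, now):
        # Entries are released by idle time only; closing the client
        # application does not touch the table.
        for host, (_, _, last_used) in list(self.table.items()):
            if now - last_used >= self.timeout:
                del self.table[host]

    def translate(self, host, now):
        """Return (global_ip, port) for host at time now, or None if the pool is exhausted."""
        self._expire(now)
        if host in self.table:
            self.table[host][2] = now   # traffic refreshes the idle timer
            return tuple(self.table[host][:2])
        if self.overload:
            # Many hosts share one address, told apart by translated port.
            entry = [self.pool[0], self.next_port, now]
            self.next_port += 1
        else:
            in_use = {e[0] for e in self.table.values()}
            free = [ip for ip in self.pool if ip not in in_use]
            if not free:
                return None             # no address left: the packet is not translated
            entry = [free[0], None, now]
        self.table[host] = entry
        return tuple(entry[:2])


def lab_scenario(timeout=DEFAULT_TIMEOUT, overload=False):
    """Three PCs, pool of two addresses, as in the question. Times are in seconds."""
    nat = DynamicNat(["203.0.113.1", "203.0.113.2"], timeout, overload)
    pcs = ["192.168.1.1", "192.168.1.2", "192.168.1.3"]
    first = [nat.translate(pc, now=0) for pc in pcs]
    retry = nat.translate(pcs[2], now=timeout)   # PC 3 again once entries have idled out
    return first, retry
```

Without overload, PC 3 gets no translation until one of the first two entries has been idle for the full timeout; with overload, all three hosts are translated immediately behind one address.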
