Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
378
Views
0
Helpful
2
Replies

Natting on nexus n9k-c9348gc-fxp is full

rabmou
Level 1
Level 1

‎11-20-2023 08:26 AM

Hi all,

i have the below running config internet is working and dropping on vlan due to the vlan translation is reaching the maximum after clearing the translation internet is back. kindly any help on what config should be applied to resolve this.

 

ip domain-lookup
ip access-list NAT_ACL
10 permit ip 10.0.1.0 0.0.0.255 any
20 permit ip 10.0.2.0 0.0.0.255 any
class-map type qos match-all copp-system-p-class-nat-flow
copp profile strict
snmp-server user admin network-admin auth md5 0xc340d402f79be327ee57064573451d04 priv 0xc340d402f79be327ee57064573451d04 localizedkey
rmon event 1 description FATAL(1) owner PMON@FATAL
rmon event 2 description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 description ERROR(3) owner PMON@ERROR
rmon event 4 description WARNING(4) owner PMON@WARNING
rmon event 5 description INFORMATION(5) owner PMON@INFO

ip route 0.0.0.0/0 192.168.1.1
ip route 0.0.0.0/0 192.168.10.1
vlan 1,10,20
ip nat pool 1 10.0.3.1 10.0.3.10 netmask 255.255.255.0
ip nat pool internet 10.0.30.1 10.0.30.30 prefix-length 24
ip nat translation timeout 60
ip nat inside source list NAT_ACL interface Ethernet1/48 overload

vrf context management
hardware access-list tcam region ing-racl 256
hardware access-list tcam region ing-l3-vlan-qos 256
hardware access-list tcam region nat 2048
hardware access-list tcam region ing-l3-span-filter 512


interface Vlan1

interface Vlan10
no shutdown
ip address 10.0.1.1/24
ip nat inside

interface Vlan20
no shutdown
ip address 10.0.2.1/24

interface Ethernet1/1
switchport
switchport access vlan 10
no shutdown

interface Ethernet1/2

interface Ethernet1/3

interface Ethernet1/4

interface Ethernet1/5

interface Ethernet1/6

interface Ethernet1/7

interface Ethernet1/8

interface Ethernet1/9

interface Ethernet1/10

interface Ethernet1/11

interface Ethernet1/12

interface Ethernet1/13

interface Ethernet1/14

interface Ethernet1/15

interface Ethernet1/16

interface Ethernet1/17

interface Ethernet1/18

interface Ethernet1/19

interface Ethernet1/20

interface Ethernet1/21

interface Ethernet1/22

interface Ethernet1/23

interface Ethernet1/24

interface Ethernet1/25

interface Ethernet1/26

interface Ethernet1/27

interface Ethernet1/28

interface Ethernet1/29

interface Ethernet1/30

interface Ethernet1/31

interface Ethernet1/32

interface Ethernet1/33

interface Ethernet1/34

interface Ethernet1/35

interface Ethernet1/36

interface Ethernet1/37

interface Ethernet1/38

interface Ethernet1/39

interface Ethernet1/40

interface Ethernet1/41

interface Ethernet1/42

interface Ethernet1/43

interface Ethernet1/44

interface Ethernet1/45

interface Ethernet1/46

interface Ethernet1/47
ip address 192.168.2.98/24
no shutdown

interface Ethernet1/48
ip address 192.168.10.20/24
ip nat outside
no shutdown

interface Ethernet1/49

interface Ethernet1/50

interface Ethernet1/51

interface Ethernet1/52

interface Ethernet1/53

interface Ethernet1/54

interface mgmt0
vrf member management
line console
line vty
boot nxos bootflash:/nxos.9.3.2.bin

Labels:
0 Helpful
2 Replies 2

Reza Sharifi
Hall of Fame
Hall of Fame

‎11-20-2023 11:03 AM

Hi,

Try changing the timeout value to a higher number:

ip nat translation timeout 15000

 and test again.

HTH 

0 Helpful

rabmou
Level 1
Level 1
In response to Reza Sharifi

‎11-21-2023 10:03 AM

this was tested and not working. it is causing the timeout to be for longer time.

 

Thank you

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card