12-16-2010 01:12 PM - edited 03-06-2019 02:34 PM
Hi,
We are having problems with users that are being natted.
We have defined nat pool to cover each user segment.
These ranges are not overseized but when the users said that they can not go trough internet what we do is to clear ip nat translations and the problem is resolved.
We have modified the ip nat translations timeout as follow:
with the purpose to liberage nat connections from default(ip nat translations timeout is by default setted to 24 hours) but the problem persist.
We are attaching the output of: sh ip nat statistics, the configuracion of nat at router .
Can somebody tell us why we see missed paquetes if there the pool is not oversized?.
Thanking you in advance.
Roger
12-23-2010 11:50 AM
Hi,
with the purpose to liberage nat connections from default(ip nat translations timeout is by default setted to 24 hours) but the problem persist.
you are using reversible keyword so creating entries which never time out.
take a look here where Peter explains this feature: https://supportforums.cisco.com/thread/212398
Can somebody tell us why we see missed paquetes if there the pool is not oversized?.
look here: http://cciepursuit.wordpress.com/2007/10/07/hits-and-misses-in-ip-nat-statistics/
Regards.
Alain.
12-23-2010 10:33 PM
Hi,
We are having problems with users that are being natted.
We have defined nat pool to cover each user segment.
These ranges are not overseized but when the users said that they can not go trough internet what we do is to clear ip nat translations and the problem is resolved.
We have modified the ip nat translations timeout as follow:
with the purpose to liberage nat connections from default(ip nat translations timeout is by default setted to 24 hours) but the problem persist.
We are attaching the output of: sh ip nat statistics, the configuracion of nat at router .
Can somebody tell us why we see missed paquetes if there the pool is not oversized?.
Thanking you in advance.
Roger
Hi Roger,
When the NAT is working, the 'Misses' shows the number of times the software does a translations table lookup, does not find a NAT translation entry, and must try to create a new one. An increase in the misses is because the NATed traffic is not going to the same destination always and the router needs to create new entries.
The number of misses genrally indicates about the failed allocations from the pool as there is no available address in NAT pool.
Check out the below command use the ip nat translation command in global configuration mode to reduce the amount of time after which Network Address Translation (NAT) translations time out and execute the command clear ip nat translations to clear all the active translations.
Check for any unwanted NAT pools configured and remove them from configuration. If you have problem in removing the NAT pool statement from the router configuration then try this.
1. Shut and unshut the interface.
2. Temporarily remove the ip nat inside/ip nat outside statements on the interface.
3. Temporarily remove the ip addresses on the interface.
4. Issue the router command clear ip nat translations *
5. Remove the nat pool statement.
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide