Re: NAT stucks

From: Kazu Kimura (kimura@ctc.ad.jp)
Date: Fri Mar 02 2001 - 02:28:25 EST


Rafael,

Because there are many sessions active and there are many misses, you
better set the timeout value shorter as Mr.Larsen described. Default
value is 86400sec or 24 hours per Cisco manual.

Regards,
Kazu

On Thu, 01 Mar 2001 19:26:54 -0600
"Rafael A. Reta Rodriguez" <rafareta@icave.com.mx> wrote:

> Tanks for the reply :-)
>
> sh ip nat stat
> Total active translations: 287 (0 static, 287 dynamic; 287 extended)
> Outside interfaces:
> Ethernet0/1, Serial1/0:7
> Inside interfaces:
> Ethernet0/0, Serial1/0:3, Serial1/0:10
> Hits: 145365721 Misses: 3664818
> Expired translations: 3669419
> Dynamic mappings:
> -- Inside Source
> access-list 1 pool fuera refcount 287
> pool fuera: netmask 255.255.255.252
> start 148.206.5.136 end 148.206.5.139
> type generic, total addresses 4, allocated 1 (25%), misses 3395
>
> sh proc mem | inc nat didn't ecognized the "|" so I did a grep to nat and got
>
> 73 0 268 35259956 6796 0 0 IP NAT Ager
>
> Hope it's what we need
>
> RafaReta
>
>
> Kazu Kimura wrote:
>
> > What is the result of "sh ip nat stat"?
> > Also please check "sh proc mem | inc nat (or NAT)".
> > Maybe it will describe the reason.
> >
> > Regards,
> >
> > Kazu
> > On Thu, 01 Mar 2001 18:08:59 -0600
> > "Rafael A. Reta Rodriguez" <rafareta@icave.com.mx> wrote:
> >
> > > Sometimes (a couple of times each day) NAT (PAT) stops translating SMTPservices while translating other services like telnet and HTTP. When thishappens I clear ip nat translation * and every thing works properly.I use a 3640 with IOS 12.0(5)I did a show ip nat translation and got 606 lines of translations reportwith 206 like this:--- 148.206.5.137 10.119.1.65 --- ---
> > > --- 148.206.5.137 10.119.1.65 --- ---
> > > --- 148.206.5.137 10.119.1.65 --- ---
> > > --- 148.206.5.137 10.119.1.65 --- ---
> > > --- 148.206.5.137 10.119.1.65 --- ---
> > > --- 148.206.5.137 10.119.1.65 --- ---
> > > --- 148.206.5.137 10.119.1.65 --- ---
> > > --- 148.206.5.137 10.119.1.65 --- ---
> > > --- 148.206.5.137 10.119.1.65 --- ---
> > > --- 148.206.5.138 10.119.16.134 --- ---
> > > and did a show mem with this header:
> > > Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
> > > Processor 60FD9E20 12739040 4548268 8190772 168392 8105984
> > > I/O 1C00000 4194304 2014528 2179776 2078924 2106652
> > > What is wrong?
> > > Why do I keep all this translations alive?
> > > show ip nat tranalation verbose give me a lot of:
> > > create 00:08:39, use 00:08:34, left 23:51:25,
> > > TIA
> > > RafaReta
> > > ICAVE



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:30 EDT