[c-nsp] ASR9006 - CG NAT - VSM-500

Aaron aaron1 at gvtc.com
Thu Dec 17 14:37:53 EST 2015 

Apparently, /27 is the smallest ip block you can use for cgnat pool (ASR9006
XR 5.3.1)


service cgn cgn1
 service-type nat44 nat1
  inside-vrf six
   map outside-vrf one address-pool 193.193.193.0/32

....when committing the above config, i get....

!!% 'cgn' detected the 'warning' condition 'Prefix value is out of range for
this platform'

...same with...

   map outside-vrf one address-pool 193.193.193.0/31
!!% 'cgn' detected the 'warning' condition 'Prefix value is out of range for
this platform'

...same with...

   map outside-vrf one address-pool 193.193.193.0/30
!!% 'cgn' detected the 'warning' condition 'Prefix value is out of range for
this platform'

...same with...

   map outside-vrf one address-pool 193.193.193.0/29
!!% 'cgn' detected the 'warning' condition 'Prefix value is out of range for
this platform'

...same with...

   map outside-vrf one address-pool 193.193.193.0/28
!!% 'cgn' detected the 'warning' condition 'Prefix value is out of range for
this platform'

...but /27 seems ok.  looks like /27 might the smallest ip pool you can use
for cgnat ? ...

RP/0/RSP0/CPU0:eng-lab-9k-1(config-cgn-invrf)#sh run service cgn cgn1
Thu Dec 17 09:13:14.241 CST
service cgn cgn1
 service-location preferred-active 0/3/CPU0
 service-type nat44 nat1
  portlimit 65535
  alg ActiveFTP
  inside-vrf six
   map outside-vrf one address-pool 193.193.193.0/27
   external-logging syslog
    server
     address 172.22.14.121 port 514
      session-logging
     !
     address 172.22.14.247 port 514
      session-logging
     !
    !
   !
  !
  protocol udp
   session initial timeout 65535
   session active timeout 65535
  !
  protocol tcp
   session initial timeout 65535
   session active timeout 65535
  !
 !
!

RP/0/RSP0/CPU0:eng-lab-9k-1(config)#do sh cgn nat44 nat1 mapping
outside-address inside-vrf six start-addr 9$
Thu Dec 17 09:15:52.459 CST
Mapping details for address pool inside a Vrf
----------------------------------------------------------------------------
-------------------
NAT44 instance    : nat1
VRF               : six
----------------------------------------------------------------------------
-------------------
Inside Ip          Outside IP       Type                Port Range
Ports Used
Address             Address
----------------------------------------------------------------------------
-------------------
10.144.0.11      193.193.193.1               Random          0-0
6
10.144.0.10      193.193.193.24              Random          0-0
15


RP/0/RSP0/CPU0:eng-lab-9k-1(config)#do sh cgn nat44 nat1 pool-utilization
inside-vrf six address-range 193.193.$
Thu Dec 17 09:17:23.548 CST
193.193.193.0          65535         0
193.193.193.24         65520         15
193.193.193.1          65373         162
193.193.193.25         65535         0
193.193.193.2          65535         0
193.193.193.26         65535         0
193.193.193.3          65535         0
193.193.193.27         65535         0
193.193.193.4          65535         0
193.193.193.28         65535         0
193.193.193.5          65535         0
193.193.193.29         65535         0
193.193.193.6          65535         0
193.193.193.30         65535         0
193.193.193.7          65535         0
193.193.193.31         65535         0
193.193.193.8          65535         0
193.193.193.9          65535         0
193.193.193.10         65535         0
193.193.193.11         65535         0
193.193.193.12         65535         0
193.193.193.13         65535         0
193.193.193.14         65535         0
193.193.193.15         65535         0
193.193.193.16         65535         0
193.193.193.17         65535         0
193.193.193.18         65535         0
193.193.193.19         65535         0
193.193.193.20         65535         0
193.193.193.21         65535         0
193.193.193.22         65535         0
193.193.193.23         65535         0

RP/0/RSP0/CPU0:eng-lab-9k-1(config)#do sh cgn nat44 nat1 statistics
Thu Dec 17 09:18:35.450 CST

Statistics summary of NAT44 instance: 'nat1'
Number of active translations: 240
Number of sessions: 0
Translations create rate: 2
Translations delete rate: 0
Inside to outside forward rate: 5
Outside to inside forward rate: 4
Inside to outside drops port limit exceeded: 0
Inside to outside drops system limit reached: 0
Inside to outside drops resource depletion: 0
No translation entry drops: 952803
PPTP active tunnels: 0
PPTP active channels: 0
PPTP ctrl message drops: 0
Number of subscribers: 2
Drops due to session db limit exceeded: 0
Drops due to source ip not configured: 0

Pool address totally free: 30
Pool address used: 2
Pool address usage:
-------------------------------------------------
  External Address       Ports Used
-------------------------------------------------
  193.193.193.24            17
  193.193.193.1             223
-------------------------------------------------



Aaron

More information about the cisco-nsp mailing list