6500 NAT between Vlans max entries

Unanswered Question
Feb 11th, 2008

I'm having a problem doing NAT translations between VLANs. I have a NAT inside VLAN with a private segment and a NAT outside VLAN with a public IP address. The problem I'm having is that at times the CPU of the switch peaks at 100%. I think it's a limitation of the 6500 when it gets to the max NAT entries. The IP NAT Ager process is the one with the most utilization, at 80-90%. Here is a show ip nat statistics. The question is: what is the max NAT entries for the 6500, so I can configure it as the max-entries?

Router#sh ip nat statistics
Total active translations: 10763 (0 static, 10763 dynamic; 10763 extended)
Outside interfaces:
Inside interfaces:
  Vlan505, Vlan506, Vlan507, Vlan508, Vlan509
Hits: 55987246 Misses: 24073282
Expired translations: 23469806
Dynamic mappings:
-- Inside Source
[Id: 2] route-map Priv-IPs-NAT interface Vlan504 refcount 10763


pradeepde Fri, 02/15/2008 - 11:47

PAT/NAT are NetFlow-derived features and as such are accelerated, but they are not done entirely in hardware; it also depends on the software. So there is high CPU usage.

