6500 NAT between Vlans max entries

Unanswered Question
Feb 11th, 2008

I'm having a problem doing NAT translations between VLANs. I have a NAT inside VLAN with a private segment and a NAT outside VLAN with a public IP address. The problem I'm having is that at times the CPU of the switch peaks at 100%. I think it's a limitation of the 6500 when it gets to the max NAT entries. The IP NAT ager process is the one I have with the most utilization, at 80-90%. Here is a show ip nat statistics. The question is: what is the max NAT entries for the 6500, so I can configure it as the max-entries?


Router#sh ip nat statistics
Total active translations: 10763 (0 static, 10763 dynamic; 10763 extended)
Outside interfaces:
  Vlan504
Inside interfaces:
  Vlan505, Vlan506, Vlan507, Vlan508, Vlan509
Hits: 55987246 Misses: 24073282
Expired translations: 23469806
Dynamic mappings:
-- Inside Source
[Id: 2] route-map Priv-IPs-NAT interface Vlan504 refcount 10763
Router#

pradeepde Fri, 02/15/2008 - 11:47

PAT/NAT are NetFlow-derived features and as such are accelerated, but they are not entirely done in hardware; it also depends on the software. So there is high CPU usage.
