High CPU Utilization and NAT

Unanswered Question
Mar 25th, 2008


I am having high CPU utilization (sometimes 90% or more) on a 1841 router. Checking with "show processes cpu" I found out that about 2% is caused by processes and all the rest is because of interrupts. So I checked NAT translations and there are a lot of them so I think maybe that is the problem. My internal LAN is /24 and all traffic is NATed with overload to one public IP address.

A lot of the translations seem to be from one different port on every IP address to different destinations from each IP address, for example:

udp x.x.x.x:60630 x.x.x.250:60630 x.x.x.x:x x.x.x.x:x

Also about an hour ago I cleared ip nat translations and statistics, and "show ip nat statistics" gives me the following:

Total active translations: 1834 (0 static, 1834 dynamic; 1834 extended)

Outside interfaces:


Inside interfaces:


Hits: 312162 Misses: 11021

CEF Translated packets: 315723, CEF Punted packets: 14884

Expired translations: 13256

Dynamic mappings:

-- Inside Source

[Id: 2] access-list xx interface FastEthernet0/0 refcount 1834

[Id: 1] route-map XXX interface FastEthernet0/0 refcount 0

Queued Packets: 0

Do any has had any problem like this or can give me any advice on what to look for?

Thanks a lot,


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
cisco24x7 Tue, 03/25/2008 - 10:09

I am having the exact issue you described.

My setup is exactly as yours. I am running

this on a Cisco 2621 64MRAM/16MFlash.

As soon as I configure one of my boxes for

Emule, my connection goes out of control and

the router just freezes. It will pass traffics and I can NOT even console into the

device. The only way to fix this is to

physically OFF/ON the router. When this

happened, the router is contanstly at 99%

CPU utilization. By the way, I am running

IOS 12.3(24) with firewall and IDS feature


Welcome to the misery.

CCIE Security

fabianalfaro Tue, 03/25/2008 - 11:01

Thanks. So do you think high CPU utilization and NATing is a problem of any P2P software running? We checked PCs and it seemed no software like that was running.


This Discussion