Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2273
Views
0
Helpful
1
Replies

static NAT without create entries

antonio.guirado
Level 3
Level 3

‎03-09-2010 02:48 AM - edited ‎03-04-2019 07:45 AM

Hello,

we are a little ISP and our design is based on private address. Our internet router is translating now 50.000 entries.

The issue is that we are used static NAT:

...

...

ip nat inside source static 10.17.254.129 <public_IP>

....

If we use the command "show ip nat translation | include 10.17.254.129" we have:

tcp 80.73.145.8:57618     10.17.254.129:57618   92.123.73.24:80       92.123.73.24:80
tcp 80.73.145.8:57937     10.17.254.129:57937   92.123.73.24:80       92.123.73.24:80
tcp 80.73.145.8:57956     10.17.254.129:57956   92.123.73.49:80       92.123.73.49:80
tcp 80.73.145.8:57957     10.17.254.129:57957   92.123.73.24:80       92.123.73.24:80
tcp 80.73.145.8:57967     10.17.254.129:57967   92.123.73.49:80       92.123.73.49:80
tcp 80.73.145.8:57968     10.17.254.129:57968   92.123.73.24:80       92.123.73.24:80
tcp 80.73.145.8:57980     10.17.254.129:57980   92.123.73.49:80       92.123.73.49:80
tcp 80.73.145.8:57996     10.17.254.129:57996   92.123.73.24:80       92.123.73.24:80
tcp 80.73.145.8:58000     10.17.254.129:58000   92.123.73.49:80       92.123.73.49:80
tcp 80.73.145.8:58114     10.17.254.129:58114   92.123.73.24:80       92.123.73.24:80
--- 80.73.145.8           10.17.254.129         ---                   ---

The router is creating a NAT entries for each new connection. I know that it is normal but

I'd like to know if there is a possible configuration where don't create entries because de router's CPU is

nearly 90% because of interruptions due to NAT translations.

We are using:


Cisco IOS Software, 7200 Software (C7200-IS-M), Version 12.4(25b), RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 12-Aug-09 18:47 by prod_rel_team

ROM: System Bootstrap, Version 12.3(4r)T1, RELEASE SOFTWARE (fc1)
BOOTLDR: 7200 Software (C7200-KBOOT-M), Version 12.2(13)ZD1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

internet1 uptime is 24 weeks, 1 day, 5 hours, 31 minutes
System returned to ROM by reload at 06:54:02 MET Mon Sep 21 2009
System restarted at 06:57:00 MET Mon Sep 21 2009
System image file is "disk2:/c7200-is-mz.124-25b.bin"
Last reload reason: Reload Command

Thanks.

Labels:
0 Helpful
1 Reply 1

antonio.guirado
Level 3
Level 3

‎03-09-2010 08:33 AM

Hello again,

I have test the command "no ip nat create flow-entries" and the behavior now has changed. Now for each

connection/flow a entries is not create. Do you know if there is other considerations that i should follow?.

Thank you

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card