×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

NAT TCP translation timout

Unanswered Question
Nov 8th, 2005
User Badges:

Hi All,


Can anybody explain to me why the NAT TCP translation timeout default is 86400 seconds (1 day). I am running NAT overload and most of the time my NAT space gets filled over with lot of translations. I want to know the appropriate TCP fine tuning in this regard.


Thanks,

Praful

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
cisco2003 Tue, 11/08/2005 - 16:22
User Badges:

Hi Praful,


I think you have many P2P application, like BT, EDonkey etc. Each NAT entry uses around 20 bytes of memory, router would run out os memory if sessions burst out in a high volume. So you need limit the nat entry number on router, try:

ip nat translation tcp-timeout 60

ip nat translation max-entries 70

You can tune tcp-timeout and max-entries smaller until it works fine.


Actions

This Discussion