We have a 6504 with a routing and switching module installed. We have 60 or so vlans running on the switching side and mutliple routing interfaces on the router side. We also have a large pat table of about 1500 entries on the routing side. When we add another vlan to the switch side the pat table starts to grow and the original entries stop working. If we didn't have the max entries set to a 10000 these translations would continue to grow and evidentually absorb all the memory on the router. We have to remove the translation command and reapply them to resolve the issue. Has anyone else seen this issue? We have started a TAC case on this but I am generally have good results with this forum...here goes...
The ip nat inside destination command translates the destination address of a packet going from the outside interface to the inside interface. This command is used to load balance among multiple servers on the inside network. The existence of multiple servers is hidden from the external world, which continues to use a single IP address to request the desired content. At the Network Address Translation (NAT) router, these requests are directed to one of the multiple inside servers specified in the NAT pool. This is done in a round-robin manner, distributing the load among the available servers.
The ip nat inside destination command can also be used to mask the actual IP address of a server on the inside network. This one-to-one translation is created by specifying a single address in the NAT pool. However, the translation created by this command is a dynamic translation. The ip nat inside destination command does not support the static keyword and cannot be used to build static mapping.
Thanks for the reply, we have no issues or problems with the ip nat command and usage..our issue is when we add another vlan to the device it causes issues with the nat/pat translation tables...I hope this makes the problem more clear.
Over what sort of period are we talking about here? IFAIK, the translation timeout is 24-hours, but that is 24 hours of inactivity on the flow. Could there be something keeping these PAT entries alive? What do you get if you look at the detail of some of the older ones?
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...