Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

How ICMP fragments are handled by devices configured for NAT overloading

Core Issue

Configuring Network Address Translation (NAT) on a device might be required for these purposes:

  • To hide the actual IP address of the inside hosts
  • To strictly control the ability of the inside devices to access the outside world
  • To strictly control access to inside hosts from the outside world


NAT overload or Port Address Translation (PAT) allows multiple internal addresses to be translated to an external address by additionally using port numbers to distinguish between translations. When a device configured for NAT overload receives Internet Control Message Protocol (ICMP) fragments, the manner in which the fragments are handled depends on the order in which fragments are received and the state of the NAT translation table.


For information on how ICMP fragments are treated by a device configured for NAT, refer to How NAT Handles ICMP Fragments.