Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

icmperr during NAT translation

We are using 7206VXR with NAT. We recently upgraded the router to 12.2(7c).

" sh ip nat tran | inc icmperr " gives me lot of messeges like

" icmperr 203.x.x.x 10.x.x.x --- --- ".

Tried to simulate the problem , but not sure what is causing this error. Any help ?

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: icmperr during NAT translation

In older IOS versions, when a router running NAT received an ICMP error message, NAT would try to allocate an address and create a simple entry. If the router was set up to overload off an interface or did not have any addresses left to allocate, the ICMP error packet would be dropped.

So now, instead of dropping the packet, the router picks any address (from the pool or from the interface) and creates a simple entry with the protocol value as "icmperr". This entry is used only to translate ICMP errors and will timeout after 1 minute (the timeout value cannot be changed).

1 REPLY
Bronze

Re: icmperr during NAT translation

In older IOS versions, when a router running NAT received an ICMP error message, NAT would try to allocate an address and create a simple entry. If the router was set up to overload off an interface or did not have any addresses left to allocate, the ICMP error packet would be dropped.

So now, instead of dropping the packet, the router picks any address (from the pool or from the interface) and creates a simple entry with the protocol value as "icmperr". This entry is used only to translate ICMP errors and will timeout after 1 minute (the timeout value cannot be changed).

144
Views
0
Helpful
1
Replies
CreatePlease login to create content