Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

NAT misses incrementing

Can you explain what is happening when the "misses" field is incrementing on a "show ip nat statistics"? The command refernece explanation is "Number of times the software does a translations table lookup, fails to find an entry, and must try to create one".

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: NAT misses incrementing

I *probably* wouldn't consider this a problem. The "misses" are normal behavior. When the router performs a dynamic translation, it inserts an entry for that translation into the NAT table. Additional packets that match that translation just use the existing entry in the NAT table (and are logged as "hits"). If the entry times out, or a packet needs to be translated that doesn't have an entry in the NAT table, IOS increments the "misses" counter and performs the translation.

Depending on your configuration, it may be possible to reduce the number of misses by increasing the timeout values for the entries in the NAT table.

3 REPLIES
Bronze

Re: NAT misses incrementing

Basically traffic is passing through the router that should be translated, but an existing translation (either static or dynamic) doesn't already exist the in NAT table. IOS increments the "misses" field, as opposed to "hits", and performs the translation.

~Zach

Community Member

Re: NAT misses incrementing

If you were seeing a high number of misses would this be considered a problem? Do you have any idea what would normally cause the misses? If so what would be the fix for it?

Bronze

Re: NAT misses incrementing

I *probably* wouldn't consider this a problem. The "misses" are normal behavior. When the router performs a dynamic translation, it inserts an entry for that translation into the NAT table. Additional packets that match that translation just use the existing entry in the NAT table (and are logged as "hits"). If the entry times out, or a packet needs to be translated that doesn't have an entry in the NAT table, IOS increments the "misses" counter and performs the translation.

Depending on your configuration, it may be possible to reduce the number of misses by increasing the timeout values for the entries in the NAT table.

185
Views
0
Helpful
3
Replies
CreatePlease to create content