Just curious if anyone has any #s on how many active NAT translations a 3640 can handle before it starts having issues. Found a Cisco doc that says an NPE-300 (7200 series) can handle 20,000 to 40,000 before a 'meltdown' occurs.
Yes, this is a limitation with the protocol itself. There's only 65535 ports, UDP and TCP are separate. But a TCP/IP application can't be NAT'd w/ a UDP port.
The maximum number of translations per protocol is around 64,000 I would guess (this will vary by implementation). Most vendors NAT between ports 1025 - 65535. Some don't use the lower or higher port #s so it depends. The default timeout per NAT entry on Cisco IOS is 24 hrs so you can adjust the timeout values to timeout the connections sooner to free up resources and to make room for new NAT translations if you're doing a lot of translations.
Also, NAT was originally created as a way to get around public IPv4 addresses running out until people converted to IPv6 address space. That was a while ago... and we're still using IPv4 mostly everywhere.
You would need to do overload / PAT across 2 IP addresses at a minimum. Maybe 3... it depends on the implementation of NAT for the product you're using. The device would have to be capable of handling that many translations without crawling or crashing also.
I would look at the design or using multiple boxes/routers if you really need that many though.
I searched Cisco for "nat overload" configuration and found the detailed process. Actually, I'm a network administrator of a small ISP. That's why I need to deal with this many NAT translations. I'm now using 2 Linux boxes as our NAT device. I'm planning to use our Cisco 6509 instead.
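The capacity reasoning in the replies above (one port range per pool address, separate TCP and UDP port spaces, idle timeouts that release ports), worked through as an added example that is not from any poster in this thread. `PatTable`, `dropped_flows` and the sample addresses are hypothetical, and the model does not reproduce any vendor's allocation algorithm.

```python
# Toy model of a PAT (NAT overload) table. Constructed for illustration;
# it does not reproduce how IOS or any other product allocates ports.
class PatTable:
    def __init__(self, pool_ips, port_lo=1025, port_hi=65535, idle_timeout=86400):
        self.idle_timeout = idle_timeout          # seconds an idle entry is kept
        self.per_proto_capacity = len(pool_ips) * (port_hi - port_lo + 1)
        # TCP and UDP have separate port spaces, so each gets its own free list.
        self.free = {proto: [(ip, port) for ip in pool_ips
                             for port in range(port_lo, port_hi + 1)]
                     for proto in ("tcp", "udp")}
        self.active = {}   # (proto, inside_ip, inside_port) -> [public_pair, last_seen]

    def expire(self, now):
        """Release entries that have been idle for idle_timeout seconds or longer."""
        for key, (pair, last_seen) in list(self.active.items()):
            if now - last_seen >= self.idle_timeout:
                self.free[key[0]].append(pair)
                del self.active[key]

    def translate(self, proto, inside_ip, inside_port, now):
        """Return the public (ip, port) for a flow, or None if the pool is exhausted."""
        self.expire(now)
        key = (proto, inside_ip, inside_port)
        if key in self.active:
            self.active[key][1] = now             # traffic refreshes the idle timer
            return self.active[key][0]
        if not self.free[proto]:
            return None                           # no free port: the new flow fails
        pair = self.free[proto].pop()
        self.active[key] = [pair, now]
        return pair


def dropped_flows(idle_timeout, new_flows_per_sec, seconds, pool_ips, port_lo, port_hi):
    """Count new one-shot TCP flows that find no free port during the run."""
    table = PatTable(pool_ips, port_lo, port_hi, idle_timeout)
    dropped = 0
    for now in range(seconds):
        for n in range(new_flows_per_sec):
            flow_id = now * new_flows_per_sec + n  # unique inside host per flow
            inside_ip = "10.%d.%d.%d" % ((flow_id >> 16) & 255, (flow_id >> 8) & 255, flow_id & 255)
            if table.translate("tcp", inside_ip, 40000, now) is None:
                dropped += 1
    return dropped
```

With a deliberately small 100-port range on two pool addresses, 10 new flows per second for a minute exhausts the table under a 24-hour idle timeout but never fills it under a 15-second one.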