We use ip nat to let users connect to the internet through a 2621XM. They can connect, but each hour we have to do a "clear ip nat translation"; otherwise, the router is too slow and it takes many seconds to write one command.
Is there anything we can do to avoid it, or is there a way to launch "clear ip nat translation" automatically every 30 minutes, for example?
When an entry is first placed into the NAT table, a timer is started; the period of the timer is the translation timeout. Each time the entry is used to translate the source or destination address of a subsequent packet, the timer is reset. If the timer expires, the entry is removed from the NAT table and the dynamically assigned address is returned to the pool. Cisco's default translation timeout is 86,400 seconds (24 hours).
timeout 86,400 sec
dns-timeout 60 sec
finrst-timeout 60 sec
icmp-timeout 60 sec
port-timeout tcp 60 sec
port-timeout udp 60 sec
syn-timeout 60 sec
tcp-timeout 86,400 sec
udp-port 300 sec
'timeout', 'tcp-timeout' and 'udp-port' are non port specific ... that is, maybe you have a lot of "non port specific" translations, and now your router works too much.
Check 'sh proc cpu', 'sh proc mem' and 'sh ip nat statistics'
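The idle-timer behaviour described in the answer above, as an added example that is not part of the original posts and is not IOS code. It is a simplified model; the class and function names, the addresses, the traffic pattern and the 300-second comparison timeout are all constructed assumptions, used only to show how table size and pool exhaustion depend on the translation timeout.

```python
from dataclasses import dataclass, field

@dataclass
class NatTable:
    """Simplified model of a dynamic NAT table with an idle timer (not IOS code)."""
    timeout: int                                  # translation timeout, seconds
    pool: list                                    # free global addresses
    entries: dict = field(default_factory=dict)   # inside addr -> [global addr, expiry]

    def expire(self, now):
        # Timer expired: remove the entry and return its address to the pool.
        for inside in [k for k, v in self.entries.items() if v[1] <= now]:
            self.pool.append(self.entries.pop(inside)[0])

    def translate(self, inside, now):
        """Return the global address for a packet, or None if the pool is empty."""
        self.expire(now)
        if inside in self.entries:
            self.entries[inside][1] = now + self.timeout   # entry used: timer reset
        elif self.pool:
            self.entries[inside] = [self.pool.pop(0), now + self.timeout]
        else:
            return None
        return self.entries[inside][0]

def run(timeout, pool_size, hosts=200):
    """Replay constructed traffic; return (peak table size, untranslated packets)."""
    nat = NatTable(timeout, [f"203.0.113.{n}" for n in range(1, pool_size + 1)])
    peak = failed = 0
    for i in range(hosts):
        # Constructed sample: each host sends 3 packets, 5 s apart; a new host every 30 s.
        for now in (i * 30, i * 30 + 5, i * 30 + 10):
            if nat.translate(f"10.0.0.{i + 1}", now) is None:
                failed += 1
            peak = max(peak, len(nat.entries))
    return peak, failed

if __name__ == "__main__":
    for timeout in (86400, 300):          # 86400 is the default quoted above
        for pool_size in (254, 50):
            print(timeout, pool_size, run(timeout, pool_size))
```

With the 24-hour default every host that has ever sent a packet still holds an entry at the end of the replay, while the shorter timeout keeps only the recently active hosts in the table.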