
Clearing NAT Translations

navneet_78
Level 1

I have seen in many cases, while troubleshooting application accessibility issues, that when we clear the NAT translations on the router, applications start working. How does this help?

Accepted Solutions

Hi navneet,

In my opinion, in cases of NAT using Port Address Translation, a total of 64500 ports are available for overloading several clients onto a single public IP. In some cases, such as when the clients are infected with viruses, the design of the virus might be such that it would attempt to open a large number of ports to a certain public IP address on the outside interface. These may remain in the connecting state for a long period of time so they cannot be reassigned to other clients. Compound this with several clients being infected simultaneously and you can see what the scale of the problem could be.

In such an event, the NAT device would run out of ports to assign to valid connections for applications / email. Clearing the NAT translation table would solve the problem temporarily.

Again, this is just a hypothetical scenario. I'm a noob so don't take my word for it and use a packet sniffer to capture live data using SPAN and analyze it. Also have a look @ your NAT translation table before clearing it to see if you can get some clues as to what might be causing it.

Hope this helps. Do post back if it does! :)

Arvind
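Added example, not part of the original post: one way to look for clues in the translation table before clearing it is to count PAT entries per inside host and per public IP. It assumes the table was saved as text in the usual IOS `show ip nat translations` column layout; the sample rows, addresses and function names are constructed for illustration, and `PORT_BUDGET` is simply the figure quoted in the answer above.

```python
from collections import Counter, defaultdict

PORT_BUDGET = 64500  # per-public-IP port figure quoted in the answer above

HEADER = "Pro Inside global      Inside local       Outside local      Outside global"

def build_sample():
    """Constructed data: two normal clients, one static entry, one noisy host."""
    rows = [HEADER,
            "tcp 203.0.113.5:2001 192.168.1.10:50112 198.51.100.20:443 198.51.100.20:443",
            "udp 203.0.113.5:2002 192.168.1.11:53311 198.51.100.53:53 198.51.100.53:53",
            "--- 203.0.113.6 192.168.1.50 --- ---"]
    for i in range(40):  # 192.168.1.23 holds 40 entries to a single destination
        rows.append(f"tcp 203.0.113.5:{3000 + i} 192.168.1.23:{40000 + i} "
                    "198.51.100.99:25 198.51.100.99:25")
    return "\n".join(rows)

def parse_translations(text):
    """Yield (proto, inside_global, inside_local, outside_global) per dynamic entry."""
    for line in text.splitlines():
        f = line.split()
        # Skip the header, blank lines and static entries (shown with '---').
        if len(f) != 5 or f[0] == "Pro" or "---" in f:
            continue
        yield f[0], f[1], f[2], f[4]

def summarize(text, top=3):
    """Return (top talkers, port usage) computed from a saved translation table."""
    per_host, dests, ports = Counter(), defaultdict(set), defaultdict(set)
    for proto, inside_global, inside_local, outside_global in parse_translations(text):
        host = inside_local.rsplit(":", 1)[0]
        per_host[host] += 1
        dests[host].add(outside_global)
        public_ip, port = inside_global.rsplit(":", 1)
        ports[(proto, public_ip)].add(port)
    # (inside host, entry count, distinct destinations), busiest first
    talkers = [(h, n, len(dests[h])) for h, n in per_host.most_common(top)]
    # Fraction of the port budget in use per (protocol, public IP)
    usage = {k: len(v) / PORT_BUDGET for k, v in ports.items()}
    return talkers, usage

if __name__ == "__main__":
    talkers, usage = summarize(build_sample())
    for host, count, ndest in talkers:
        print(f"{host}: {count} translations to {ndest} destination(s)")
    for (proto, ip), frac in usage.items():
        print(f"{proto} on {ip}: {frac:.2%} of port budget in use")
```

A single inside host holding a large share of entries toward very few destinations is the pattern the answer describes; that host is the one to capture traffic from before the table is cleared.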


2 Replies

navneet_78
Level 1

Can someone please reply as to how the clearing of NAT translations helps?

