Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

NAT TCP translation timout

Hi All,

Can anybody explain to me why the NAT TCP translation timeout default is 86400 seconds (1 day). I am running NAT overload and most of the time my NAT space gets filled over with lot of translations. I want to know the appropriate TCP fine tuning in this regard.

Thanks,

Praful

1 REPLY
Community Member

Re: NAT TCP translation timout

Hi Praful,

I think you have many P2P application, like BT, EDonkey etc. Each NAT entry uses around 20 bytes of memory, router would run out os memory if sessions burst out in a high volume. So you need limit the nat entry number on router, try:

ip nat translation tcp-timeout 60

ip nat translation max-entries 70

You can tune tcp-timeout and max-entries smaller until it works fine.

463
Views
0
Helpful
1
Replies
CreatePlease to create content