Question about Dynamic NAT/PAT limits

Chris Brun · ‎11-05-2014

Just implemented a straightforward NAT using overload working, however, I have a question about the limits I see on the show ip nat pool command. For example:

ASR-CO-F8#show ip nat pool name ComcastLR-WL

NAT Pool Statistics

Pool name ComcastLR-WL, id 9
Assigned Available
Addresses 1 1
UDP Low Ports 226 798
TCP Low Ports 4 1020
UDP High Ports 629 128393
TCP High Ports 52548 76474

(Low ports are less than 1024. High ports are greater than or equal to 1024.)

When I add up the Assigned and Available, I get 129,022. Is that the absolute limit I can get with a single IP address? Where did this number come from (I would have expected something like 65,500)? Can I assume that should I reach this number of assigned NAT's, future NAT requests will fail?

Thanks

Mohit Sahai · ‎11-25-2014

Hello,

Trust you are doing good.

I think you are hitting the Bug ID CSCuo10862 or CSCum76021

CSCuo10862 XE3.13: show ip nat pool name <pool name> output not proper

CSCum76021 Issue with output for "show ip nat pool name nat-pool"

The entries are indeed wrong and are not expected.

Once you reach the limit of 65535(not sure if it is exact but somewhere near to it), you would start facing logs

%NAT-6-ADDR_ALLOC_FAILURE: Address allocation failed; pool 5 may
be exhausted

Regards,

Mohit

**Please rate the post if you find this helpfull