From: Sudhanshu Gupta (sudhanshu.gupta@xxxxxxxxxxx)
Date: Fri May 10 2002 - 06:00:04 GMT-3
Thanks Nick for the info.
Will update you guys.
-sudhanshu
> -----Original Message-----
> From: Nick Shah [SMTP:nshah@connect.com.au]
> Sent: Friday, May 10, 2002 1:37 PM
> To: Sudhanshu Gupta; ccielab@groupstudy.com
> Subject: Re: NAT problem
>
> bug id : CSCdu78165
>
> //snip//
> When running ios version 12.1.5.T7 on a 3600 series router and running nat
> with a large static nat traslation table and a single address nat pool with
> overload, dynamic nat translation may intermittantly hang. The workaround
> for this problem is to clear the nat translation table which will restart
> the dynamic nat process.
> //snip//
>
> there are similar bug (this being the closest). and all of them states clear
> ip nat trans * as a work around.
> You could raise TAC if you still have issues.
>
> ps. you could tweak those timeouts to a bit less and see if that alleviates
> the issue
>
> hth
> Nick
>
> -----Original Message-----
> From: Sudhanshu Gupta <sudhanshu.gupta@wipro.co.in>
> To: Nick Shah <nshah@connect.com.au>; ccielab@groupstudy.com
> <ccielab@groupstudy.com>
> Date: Friday, 10 May 2002 5:36
> Subject: RE: NAT problem
>
>
> Nick,
> Thanks.
> We already upgraded the IOS and tried clearing NAT table with "clear ip nat
> tran * " but that didn't help.
> -sudhanshu
>
> ps:
> relevent portions of config are:
>
> outside interface - serial 1/0
> inside interface - FastEther 1/0 and async65
>
> !
> ip local pool classpool 10.49.67.130 10.49.67.254
> ip nat translation timeout 3600
> ip nat translation tcp-timeout 3600
> ip nat pool aod x.y.z.67 x.y.z.70 netmask 255.255.255.248
> ip nat inside source list 1 pool aod overload
> ip classless
>
>
>
> > -----Original Message-----
> > From: Nick Shah [SMTP:nshah@connect.com.au]
> > Sent: Friday, May 10, 2002 1:06 PM
> > To: Sudhanshu Gupta; ccielab@groupstudy.com
> > Subject: Re: NAT problem
> >
> > I saw this prob. once on a customer network (Cisco 1720), basically he was
> > doing PAT (NAT on single public ip address). We upgraded the IOS and the
> > issue was resolved. In his case the number of NAT entries were running
> into
> > 100's. There seems to be a bug associated with it (cant recall it now.) I
> > think there may be a bottleneck associated with amount of memory / number
> of
> > NAtted entries that can exist.
> >
> > But I also figured out that you can do a clear ip nat trans * and then the
> > router will purge the current NAT dynamic entries and starts working again
> > (till it hits the bottleneck again). Try this as a workaround..
> >
> > Permanent workaround (if you are indeed using PAT) would be to allocate a
> > small pool of public IP addresses and do a NAT on that.
> >
> > hth
> > Nick
> >
> >
> > -----Original Message-----
> > From: Sudhanshu Gupta <sudhanshu.gupta@wipro.co.in>
> > To: ccielab@groupstudy.com <ccielab@groupstudy.com>
> > Date: Friday, 10 May 2002 5:14
> > Subject: NAT problem
> >
> >
> > >Team,
> > >Can any one shed some light on this. We start getting these message on
> our
> > 3660. It was running on 12.2 (3) and we upgrded it to 12.2 (7)b, but the
> > message havn't stopped. And router stops doing any NAT translation. Only
> > reboot helps.
> > >
> > >15:40:54: NAT: address not stolen for 10.49.67.178, proto 17 port 1102
> > >15:40:54: NAT: failed to allocate address for 10.49.67.178, list/map 1
> > >15:40:54: NAT: translation failed (A), dropping packet s=10.49.67.178
> > d=212.162.
> > >
> > >Any ideas.
> > >Thanks for help.
> > >-sudhanshu
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:54 GMT-3