Attn: NAT Experts - 2611XM and NAT pool

 
 
JCVD
Guest
Posts: n/a
 
      02-12-2004
I've allocated 5 IP addresses to a NIC.

My questions are these :

Does it ONLY use the 2nd address in the range IF there are no more TCP
ports left to allocate from the 1st ?

When does it check the "available" ports ? Does it check when it's used
ALL ports from the combined IP address (5x 65,535) pool or does it
check on each request ?

If the router tells me from a "sho ip nat stat" command that it's
allocated 3 IP addresses out of the 5 then how many ports must it have
had opened to do this ?

OR

Does it see this pool (5 x 65,535) as 1 huge pool and then only checks
what ports are available after it reached the last port in the range ?

I've read that it will ONLY waterfall over to the 2nd IP address if it
has NO MORE AVAILABLE ports left from the 1st address.

Can someone confirm this for me please ?

Much TIA

Jas
 
 
 
 
 
Martin Gallagher
Guest
Posts: n/a
 
      02-13-2004
On Thu, 12 Feb 2004 12:05:22 -0800, JCVD wrote:


> Does it ONLY use the 2nd address in the range IF there are no more TCP
> ports left to allocate from the 1st ?


I don't believe so.


> When does it check the "available" ports ? Does it check when it's used
> ALL ports from the combined IP address (5x 65,535) pool or does it check
> on each request ?
>
> If the router tells me from a "sho ip nat stat" command that it's
> allocated 3 IP addresses out of the 5 then how many ports must it have
> had opened to do this ?
>
>

Not possible to tell. The current # of dynamic translations + the number
of expired translations puts an upper bound on it for you. Doesn't say
how many ports have been used, 'cause there's no rule against reusing
ports in a new translation.

It's a black art anyway, but I have read somewhere that they try to
allocate the same port # as the source. If they can't do that they look
for a 'nearby' one. If there isn't one sufficiently 'nearby', based on
some arcane criteria I don't know about, they might just move on to another
address in the pool and start fishing around in that.

I think it boils down to the number of translations created and the
number of addresses used not necessarily having any particular
relationship at all.

--
Rgds,
Martin
 