Options
Cisco ASR1006 Dynamic NAT timeout
Ran into a issue today with an ASR1006 and hitting the default maximum dynamic NAT limit of 524288. To resolve this quickly on the fly I increased the limit to 750K, however I would like to step this back down to the default.
While investigating I noticed the default NAT timeout for dynamic entries is 24 hours by default. I have many idle NATs when using this timeout. I am toying with the idea of setting the NAT timeout to 8 hours. Can anyone attest to any negative impacts this may have other than after 8 hours a miss being logged and slight delay as a new NAT is created?
A little history; we are moving to a global private IP scheme. We have around 420 24bit networks sitting behind this node, and its redundant neighbor, while we are readdressing.
While investigating I noticed the default NAT timeout for dynamic entries is 24 hours by default. I have many idle NATs when using this timeout. I am toying with the idea of setting the NAT timeout to 8 hours. Can anyone attest to any negative impacts this may have other than after 8 hours a miss being logged and slight delay as a new NAT is created?
A little history; we are moving to a global private IP scheme. We have around 420 24bit networks sitting behind this node, and its redundant neighbor, while we are readdressing.