Loading...
Loading...
ASR1K ISG 16.9.5 ESP Platform seems to be running out of NAT port translation after a period of time. Customer observes message logs with NAT-6-ADDR_ALLOC_FAILURE: Address allocation failed.
yf51.lga51#show platform hardware qfp active feature nat datapath stats non_extended 0 entry_timeouts 9310 statics 0 static net 0 hits 2722375 flowdb_hits 0 misses 8854 non_natted_in2out 591083932574 nat_bypass 0 non_natted_out2in 302886273963 Proxy stats: ipc_retry_fail 0 cfg_rcvd 11 cfg_rsp 16 Subcode #2 ALG_PROCESS_TOKEN_FAIL 350 Subcode #6 ALG_PKT_SANITY_FAIL 175344 Subcode #7 PARSE_ERR 436171 Subcode #10 ADDR_ALLOC_FAIL 1153910 Subcode #17 NON_PATTABLE 2307481 Subcode #18 ALLOC_ADDR_PORT_FAIL 424365265 Subcode #29 LIMIT 20594895 Subcode #32 BAD_DGLEN 1 Subcode #33 ADDR_NOT_AVAIL 424365615 Subcode #36 POOL_LOCK 7247 Subcode #51 POOL_LOCK_RD 16589
Customer is performing on ASr1K ISG router a clear ip nat translations * witch fixes issue temporary after few days NAT'ed PORs get exhausted.
When the translation limit is reached for any host, NAT would drop the packet and not create new translation. if NAT has already allocated port for this packet, it is supposed to release the port which NAT was no doing. Leak seems to be related to following command: ip nat translation max-entries all-host 1000
Click on a version to see all relevant bugs
Cisco Integration
Learn more about where this data comes from
BugZero Plan
Streamline upgrades with automated vendor bug scrubs
BugZero Prevent
Wish you caught this bug sooner? Get proactive today.