A few TCP and UDP NAT entries never time out after the traffic for those entries has stopped.

*Jun 14 05:23:11.847: %IOSXE-4-PLATFORM: R0/0: cpp_cp: QFP:0.0 Thread:006 TS:00000090041558278561 %NAT-4-DEFAULT_MAX_ENTRIES: default maximum entries value 131072 exceeded; frame dropped

show ip nat statistics
Total active translations: 131072 (0 static, 131072 dynamic; 131072 extended)

If we collect "show ip nat translations verbose" output, we see NAT entries with timeout 0.

Pro  Inside global      Inside local        Outside local   Outside global
udp  x.x.x.x:27013      10.10.10.10:57604   y.y.y.y:443     z.z.z.z:443
  create: 07/14/23 05:34:09, use: 07/14/23 05:34:09, timeout: 00:00:00 >>>>>>>
  RuleID : 1
  Flags: unknown
  ALG Application Type: NA
  WLAN-Flags: unknown
  Mac-Address: 0000.0000.0000 Input-IDB:
  VRF: 1, entry-id: 0x5074e1f0, use_count:1
  In_pkts: 1 In_bytes: 204, Out_pkts: 1 Out_bytes: 248
  Output-IDB: TenGigabitEthernet0/1/0
H/W: C8500L-8S4X
S/W: 17.06.03a.0.3 (c8000aes-universalk9.17.06.03a.SPA.bin) and 17.06.05.0.5797 (c8000aes-universalk9.17.06.05.SPA.bin)
clear ip nat translations * manually, or implement an EEM script:

event manager applet max-nat-entries authorization bypass
 event syslog pattern "%NAT-4-DEFAULT_MAX_ENTRIES: default maximum entries value 131072 exceeded"
 action 001 cli command "enable"
 action 002 cli command "terminal length 0"
 action 003 cli command "show clock"
 action 004 cli command "show ip nat translation total"
 action 005 syslog msg "Detecting NAT max entries clearing nat table after default 131072 reached"
 action 010 cli command "clear ip nat translation *"
 action 011 cli command "show ip nat translation total"
 action 012 cli command "end"
A few TCP and UDP NAT entries do not time out after the traffic for those entries has stopped.

C8500L-lab#show ip nat statistics
Total active translations: 2145 (0 static, 2145 dynamic; 2145 extended)
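An added example, not part of the original bug record and not Cisco code: a Python script that parses saved "show ip nat translations verbose" output and lists entries whose timer reads 00:00:00 yet are still present long after their last use, so the leak can be spotted before the 131072-entry limit is reached. The sample text is constructed from the format shown above, and the 10-minute idle threshold (min_idle) is an assumption.

```python
import re
from datetime import datetime, timedelta

# Constructed sample modeled on the verbose output quoted in this record;
# addresses and the second/third entry-ids are made up for illustration.
SAMPLE = """\
Pro  Inside global      Inside local        Outside local      Outside global
udp  192.0.2.1:27013    10.10.10.10:57604   198.51.100.7:443   198.51.100.7:443
  create: 07/14/23 05:34:09, use: 07/14/23 05:34:09, timeout: 00:00:00
  VRF: 1, entry-id: 0x5074e1f0, use_count:1
tcp  192.0.2.1:5062     10.10.10.11:49152   203.0.113.9:443    203.0.113.9:443
  create: 07/14/23 06:10:00, use: 07/14/23 06:19:30, timeout: 00:14:21
  VRF: 1, entry-id: 0x5074e2a0, use_count:1
udp  192.0.2.1:27020    10.10.10.12:50000   198.51.100.7:53    198.51.100.7:53
  create: 07/14/23 06:19:50, use: 07/14/23 06:19:55, timeout: 00:00:00
  VRF: 1, entry-id: 0x5074e3b0, use_count:1
"""

FLOW = re.compile(r"^(tcp|udp)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s*$")
TIMES = re.compile(r"create: (\S+ \S+), use: (\S+ \S+), timeout: (\d+):(\d\d):(\d\d)")
ENTRY_ID = re.compile(r"entry-id: (0x[0-9a-fA-F]+)")
TS_FMT = "%m/%d/%y %H:%M:%S"

def parse_entries(text):
    """Yield one dict per TCP/UDP translation found in the verbose output."""
    entry = None
    for line in text.splitlines():
        if m := FLOW.match(line):          # a new flow line starts a new entry
            if entry:
                yield entry
            entry = {"proto": m[1], "inside_global": m[2], "inside_local": m[3]}
        elif entry is None:                # header or banner before the first flow
            continue
        elif m := TIMES.search(line):
            entry["use"] = datetime.strptime(m[2], TS_FMT)
            entry["timeout"] = timedelta(hours=int(m[3]), minutes=int(m[4]), seconds=int(m[5]))
        elif m := ENTRY_ID.search(line):
            entry["entry_id"] = m[1]
    if entry:
        yield entry

def stuck_entries(text, now, min_idle=timedelta(minutes=10)):
    """Entries with timeout 00:00:00 that are still listed min_idle after last use."""
    # Assumption: an entry idle for less than min_idle may simply be mid-expiry.
    return [e for e in parse_entries(text)
            if e.get("timeout") == timedelta(0) and now - e["use"] >= min_idle]

if __name__ == "__main__":
    print(stuck_entries(SAMPLE, datetime(2023, 7, 14, 6, 20)))
```

Pass the router's clock time at collection ("show clock") as now, since the create and use stamps are in device time.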