NAT Error "Global IP addresses exhausted for pool"

info_systemhaus
New Contributor II
We have implemented an SSA 150 as a central core device in our network.

We have a full Public Class C Network but have only defined 10 NAT Pools with one Public IP for every pool.

The pools are for different VLANs and worker groups .. Employments / Guests ...

There are nearly 100 - 300 devices in every Group Online ...

On my syslog server this error has been appearing for 4 days, 20 times a day:

RtrNat[1]Router global: Failed to allocate ip address (Global IP addresses exhausted for pool) reported 1 times


Nearly .. 10 times on a Sunday with not a lot of traffic.

What is the problem there? Can one public IP only handle a limited number of private NAT translations?

Of course I could grow the pools and give one pool 3 or 4 public IPs ...

But first I want to know if this fixes the problem.

Chris

9 REPLIES

info_systemhaus
New Contributor II
That sounds good .. but the entry on "NO GLOBAL IP Adr:" is counting 14241 ... the system has only been alive for 2 weeks ...

Jeremy_Gibbs
Contributor
Hmm... there should be around ~65,536 for 1 IP address. I also don't see the counters going up. I think if the message is not happening on a very regular basis (not happening every few seconds), it could just be a NAT miss. I see these on our Cisco ASR all the time.

*Sep 28 11:19:07: %IOSXE-6-PLATFORM: F0: cpp_cp: QFP:0.0 Thread:087 TS:00001467309607427649 %NAT-6-ADDR_ALLOC_FAILURE: Address allocation failed; pool 10 may be exhausted

I know the pool isn't exhausted. But for some reason the ASR can't allocate a port translation. Cisco said this isn't anything to worry about as long as it's not constant.

info_systemhaus
New Contributor II
Yes .. the error itself is clear .. but where can I find the limit for this pool so that I know how to increase the pool ....
What is the limit for one public IP??
And how to see the actual usage of this pool ...

Some screens attached:


Jeremy_Gibbs
Contributor
Or BitTorrent traffic can use a lot.

Jeremy_Gibbs
Contributor
One user doing a port scan on the internet could easily exhaust a single IP NAT pool.
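
The distinction drawn in this thread, between an occasional allocation miss and a pool that fails constantly, can be checked against the syslog archive. The following is an added example, not part of any post above: it sums the exhaustion message per host and minute and lists the minutes at or above a threshold. The "timestamp host" line prefix, the host name, the sample lines and the threshold of 10 are assumptions.

```python
import re
from collections import Counter
from datetime import datetime

# Message text as quoted in the thread; the "<ISO timestamp> <host>" prefix,
# the host name and all sample lines below are constructed for this example.
MSG = ("RtrNat[1]Router global: Failed to allocate ip address "
       "(Global IP addresses exhausted for pool) reported {n} times")
SAMPLE = [
    "2015-09-27T03:10:05 ssa-core " + MSG.format(n=1),
    "2015-09-27T14:42:51 ssa-core " + MSG.format(n=1),
    "2015-09-28T09:00:02 ssa-core " + MSG.format(n=4),
    "2015-09-28T09:00:07 ssa-core " + MSG.format(n=6),
    "2015-09-28T09:00:11 ssa-core " + MSG.format(n=5),
    "2015-09-28T09:00:58 ssa-core link up on ge.1.1",
]

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+.*"
    r"Global IP addresses exhausted for pool\)"
    r"(?:\s+reported\s+(?P<n>\d+)\s+times)?"
)

def failures_per_minute(lines):
    """Sum allocation failures per (host, minute) bucket."""
    buckets = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # unrelated syslog line
        try:
            ts = datetime.fromisoformat(m.group("ts"))
        except ValueError:
            continue  # prefix is not the assumed ISO timestamp
        minute = ts.replace(second=0, microsecond=0)
        # Assumption: "reported N times" is a repeat count, so N is summed.
        buckets[(m.group("host"), minute)] += int(m.group("n") or 1)
    return buckets

def sustained(buckets, threshold=10):
    """Buckets with at least `threshold` failures (threshold is an assumption)."""
    return sorted(key for key, count in buckets.items() if count >= threshold)

if __name__ == "__main__":
    for (host, minute), n in sorted(failures_per_minute(SAMPLE).items()):
        print(host, minute.isoformat(), n)
    print("sustained:", sustained(failures_per_minute(SAMPLE)))
```

Minutes returned by `sustained` are the ones worth correlating with per-client translation counts on the router, since the thread names a single scanning or BitTorrent host as a likely cause.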