leveler Posted March 22, 2011 Posted March 22, 2011 Добрый день! По поиску именно мою проблему не нашёл. Пишу сюда поэтому. Использую PAT (NAT overload) на ASR1002. Но у меня из 31 адреса в пуле только одни уходит под overload, а остальные 30 под 1-в-1. Как так? Искал на цыско.ком в багах, не нашёл ничего схожего тоже. Версия софта: Cisco IOS Software, IOS-XE Software (PPC_LINUX_IOSD-ADVIPSERVICES-M), Version 15.0(1)S2, RELEASE SOFTWARE (fc1) Верси железа: ASR1002#sh inventory NAME: "Chassis", DESCR: "Cisco ASR1002 Chassis" PID: ASR1002 , VID: V04, SN: <серийник> NAME: "module F0", DESCR: "Cisco ASR1000 Embedded Services Processor, 5Gbps" PID: ASR1000-ESP5 , VID: V03, SN: <серийник> NAME: "Power Supply Module 0", DESCR: "Cisco ASR1002 AC Power Supply" PID: ASR1002-PWR-AC , VID: V02, SN: <серийник> NAME: "Power Supply Module 1", DESCR: "Cisco ASR1002 AC Power Supply" PID: ASR1002-PWR-AC , VID: V02, SN: <серийник> NAME: "module 0", DESCR: "Cisco ASR1002 SPA Interface Processor 10" PID: ASR1002-SIP10 , VID: V04, SN: <серийник> NAME: "SPA subslot 0/1", DESCR: "5-port Gigabit Ethernet Shared Port Adapter" PID: SPA-5X1GE-V2 , VID: V02, SN: <серийник> NAME: "subslot 0/1 transceiver 1", DESCR: "GE LX" PID: N/A , VID: 0000, SN: <серийник> NAME: "subslot 0/1 transceiver 3", DESCR: "GE LX" PID: N/A , VID: 1.0 , SN: <серийник> NAME: "subslot 0/1 transceiver 4", DESCR: "GE LX" PID: N/A , VID: 1.0 , SN: <серийник> NAME: "SPA subslot 0/0", DESCR: "4-port Gigabit Ethernet Shared Port Adapter" PID: 4XGE-BUILT-IN , VID: V00, SN: <серийник> NAME: "subslot 0/0 transceiver 1", DESCR: "GE T" PID: N/A , VID: 1.0 , SN: <серийник> NAME: "subslot 0/0 transceiver 2", DESCR: "GE LX" PID: N/A , VID: 1.0 , SN: <серийник> NAME: "subslot 0/0 transceiver 3", DESCR: "GE LX" PID: N/A , VID: 1.0 , SN: <серийник> NAME: "module R0", DESCR: "Cisco ASR1002 Route Processor 1" PID: ASR1002-RP1 , VID: V04, SN: <серийник> Настройки NAT: ip nat translation timeout 3600 ip nat translation tcp-timeout 900 ip nat translation udp-timeout 180 ip nat translation finrst-timeout 45 ip nat translation syn-timeout 45 ip nat translation dns-timeout 30 ip nat translation icmp-timeout 45 ip nat translation port-timeout tcp 110 60 ip nat translation port-timeout tcp 25 60 ip nat translation port-timeout tcp 6112 1800 ip nat translation port-timeout tcp 5222 1800 ip nat translation port-timeout tcp 1723 1800 ip nat translation port-timeout tcp 3389 1800 ip nat translation max-entries 1000000 no ip nat service H225 no ip nat service ras ip nat pool ttk-1 100.100.100.225 100.100.100.255 prefix-length 27 ip nat inside source route-map nat-ttk-1 pool ttk-1 overload ip nat inside source route-map nat-ttk-1 pool ttk-1 overload route-map nat-ttk-1 deny 5 match ip address real-ip-ttk route-map nat-ttk-1 permit 10 match ip address subscr-nat match interface GigabitEthernet0/0/1 Статистика NAT: ASR1002#sh ip nat statistics ... [Id: 3] route-map nat-ttk-1 pool ttk-1 refcount 139531 pool ttk-1: netmask 255.255.255.224 start 100.100.100.225 end 100.100.100.255 type generic, total addresses 31, allocated 31 (100%), misses 468 ... В лог периодически сыпется: 018160: Mar 5 17:42:40.337 OMST: %IOSXE-6-PLATFORM: F0: cpp_cp: QFP:00 Thread:038 TS:00006069156812517226 %NAT-6-ADDR_ALLOC_FAILURE: Address allocation failed; pool 3 may be exhausted 018161: Mar 5 17:42:45.468 OMST: %IOSXE-6-PLATFORM: F0: cpp_cp: QFP:00 Thread:016 TS:00006069161943352867 %NAT-6-ADDR_ALLOC_FAILURE: Address allocation failed; pool 3 may be exhausted 018162: Mar 5 17:42:51.324 OMST: %IOSXE-6-PLATFORM: F0: cpp_cp: QFP:00 Thread:006 TS:00006069167799112707 %NAT-6-ADDR_ALLOC_FAILURE: Address allocation failed; pool 3 may be exhausted 018163: Mar 5 18:01:24.181 OMST: %IOSXE-6-PLATFORM: F0: cpp_cp: QFP:00 Thread:088 TS:00006070280602411529 %NAT-6-ADDR_ALLOC_FAILURE: Address allocation failed; pool 3 may be exhausted 018164: Mar 5 18:01:29.384 OMST: %IOSXE-6-PLATFORM: F0: cpp_cp: QFP:00 Thread:001 TS:00006070285805108696 %NAT-6-ADDR_ALLOC_FAILURE: Address allocation failed; pool 3 may be exhausted 018165: Mar 5 18:01:34.405 OMST: %IOSXE-6-PLATFORM: F0: cpp_cp: QFP:00 Thread:029 TS:00006070290826736266 %NAT-6-ADDR_ALLOC_FAILURE: Address allocation failed; pool 3 may be exhausted 018166: Mar 5 18:01:39.791 OMST: %IOSXE-6-PLATFORM: F0: cpp_cp: QFP:00 Thread:030 TS:00006070296212145339 %NAT-6-ADDR_ALLOC_FAILURE: Address allocation failed; pool 3 may be exhausted Вставить ник Quote
leveler Posted March 24, 2011 Author Posted March 24, 2011 Сделал пул rotary: ip nat pool ttk-1 100.100.100.225 100.100.100.255 prefix-length 27 type rotary Пишет, что выделен один адрес: [Id: 8] route-map nat-ttk-1 pool ttk-1 refcount 104772 pool ttk-1: netmask 255.255.255.224 start 100.100.100.225 end 100.100.100.255 type rotary, total addresses 31, allocated 1 (3%), misses 0 Но через show ip nat stat | i 100.100.100.2 вижу, что 14 адресов записано как натирование 1-в-1. Где я туплю? Вставить ник Quote
Walday Posted March 24, 2011 Posted March 24, 2011 Тема вроде поднималась - не работает на ASR1002 overload.. команда принимается, а не работает.. Вставить ник Quote
leveler Posted April 5, 2011 Author Posted April 5, 2011 Тема вроде поднималась - не работает на ASR1002 overload.. команда принимается, а не работает.. А ссылкой не поделитесь? Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.