Restrictions for Paired-Address-Pooling Support in NAT
Paired address pooling uses more memory, and the scaling of translations is much lower than in a standard Network Address Translation (NAT) configuration, for the following reasons:
- Use of a new data structure that tracks each local address.
- Use of the paired-address-pooling limit. When the number of users on a global address reaches the configured limit, the next global address is used for paired address pooling. The paired-address-pooling limit uses more memory and requires more global addresses in the address pool than standard NAT.
- Two IP address pools with the same IP addresses in two different mappings are not supported.
The following example shows two non-VRF mappings. The addresses used in the pools of these two mappings should not overlap.
ip nat pool natpool1 83.0.0.56 83.0.0.56 prefix-length 24
ip nat pool natpool2 83.0.0.56 83.0.0.56 prefix-length 24
ip nat inside source list acl2 pool natpool2 overload
ip nat inside source list acl1 pool natpool1 overload
The following example combines a non-VRF mapping and a VRF-to-global mapping. In this case as well, sharing IP addresses between the pools is not supported.
ip nat pool natpool1 82.0.0.15 82.0.0.15 prefix-length 24
ip nat pool natpool2 82.0.0.15 82.0.0.15 prefix-length 24
! non-VRF mapping
ip nat inside source list acl2 pool natpool2 overload
! VRF mapping
ip nat inside source list acl1 pool natpool1 vrf vrf1 overload
The only case in which the same pools can be used in two different mappings is match-in-vrf mappings.
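A pre-deployment check for the pool-sharing restriction above, as an added example that is not part of the original document or any Cisco tooling. It assumes pools are defined on one line with explicit start and end addresses, and it assumes the match-in-vrf exemption applies only when both mappings carry that keyword; the sample configuration is constructed from the first example plus one non-overlapping pool.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample: the first (unsupported) example plus a non-overlapping pool.
SAMPLE_CONFIG = """\
ip nat pool natpool1 83.0.0.56 83.0.0.56 prefix-length 24
ip nat pool natpool2 83.0.0.56 83.0.0.56 prefix-length 24
ip nat pool natpool3 83.0.0.60 83.0.0.62 prefix-length 24
ip nat inside source list acl1 pool natpool1 overload
ip nat inside source list acl2 pool natpool2 overload
ip nat inside source list acl3 pool natpool3 overload
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"
POOL_RE = re.compile(rf"^ip nat pool (\S+) {IP} {IP}", re.M)
MAP_RE = re.compile(r"^ip nat inside source list (\S+) pool (\S+)(.*)$", re.M)

def parse(config):
    """Return ({pool: (first, last)}, [(acl, pool, is_match_in_vrf)])."""
    pools = {name: (int(ipaddress.IPv4Address(lo)), int(ipaddress.IPv4Address(hi)))
             for name, lo, hi in POOL_RE.findall(config)}
    mappings = [(acl, pool, "match-in-vrf" in rest.split())
                for acl, pool, rest in MAP_RE.findall(config)]
    return pools, mappings

def find_shared_pool_addresses(config):
    """List pairs of mappings whose pools share at least one address."""
    pools, mappings = parse(config)
    findings = []
    for (acl_a, pool_a, miv_a), (acl_b, pool_b, miv_b) in combinations(mappings, 2):
        if pool_a not in pools or pool_b not in pools:
            continue  # mapping references a pool not defined here; nothing to compare
        if miv_a and miv_b:
            continue  # assumption: exempt only when both mappings are match-in-vrf
        (a_lo, a_hi), (b_lo, b_hi) = pools[pool_a], pools[pool_b]
        if a_lo <= b_hi and b_lo <= a_hi:  # closed address ranges intersect
            findings.append((acl_a, pool_a, acl_b, pool_b))
    return findings

if __name__ == "__main__":
    for acl_a, pool_a, acl_b, pool_b in find_shared_pool_addresses(SAMPLE_CONFIG):
        print(f"unsupported: {acl_a}/{pool_a} and {acl_b}/{pool_b} share addresses")
```
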