Restrictions For Dynamic Nat; Guidelines And Limitations For Dynamic Twice Nat - Cisco Nexus 3548 Configuration Manual

Nx-os interfaces release 9x

Hide thumbs Also See for Nexus 3548:

Command reference manual (556 pages)

Configuration manual (230 pages)

Installation manual (112 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

page of 138

/ 138
Contents
Table of Contents
Bookmarks

Table of Contents

Restrictions for Dynamic NAT

• More than 127 PD NAT statics entries are not supported because of a hardware limitation that

Restrictions for Dynamic NAT

The following restrictions apply to dynamic Network Address Translation (NAT):

• Fragmented packets are not supported.

• Application layer gateway (ALG) translations are not supported. ALG, also known as application-level

• NAT and VLAN Access Control Lists (VACLs) are not supported together on an interface. You can

• Egress ACLs are not applied to translated packets.

• MIBs are not supported.

• Cisco Data Center Network Manager (DCNM) is not supported.

• Dynamic NAT translations are not synchronized with active and standby devices.

• Stateful NAT is not supported. However, NAT and Hot Standby Router Protocol (HSRP) can coexist.

• Normally, ICMP NAT flows time out after the expiration of the configured sampling-timeout and

• If the translated IP is part of the outside interface subnet, then use the ip local-proxy-arp command on

• When creating a new translation on a Cisco Nexus 3548 Series switch, the flow is software forwarded

Guidelines and Limitations for Dynamic Twice NAT

See the following guidelines for configuring dynamic twice NAT:

• In dynamic twice NAT, if dynamic NAT flows are not created before creating static NAT flows, dynamic

• When an empty ACL is created, the default rule of permit ip any any is configured. The NAT-ACL

Cisco Nexus 3548 Switch NX-OS Interfaces Configuration Guide, Release 9x

•

NAT

• DHCP Relay

• VACL

inconsistently increment the CoPP hardware counters.

gateway, is an application that translates IP address information inside the payload of an application

packet.

configure either NAT or VACLs on an interface.

translation-timeout. However, when ICMP NAT flows present in the switch become idle, they time out

immediately after the expiration of the sampling-timeout configured.

the NAT outside interface.

until the translation is programmed in the hardware, which might take a few seconds. During this period,

there is no translation entry for the inside global address. Therefore, returning traffic is dropped. To

overcome this limitation, create a loopback interface and give it an IP address that belongs to the NAT

pool.

twice NAT flows are not created correctly.

does not match further ACL entries if the first ACL is blank.

Configuring Static and Dynamic NAT Translation

Table of Contents

Show Quick Links

Quick Links:
Configuring Ethernet Interfaces
Verifying the Layer 2 Interfaces Configuration
Vlan Interfaces

Hide quick links:

Table of Contents

Restrictions For Dynamic Nat; Guidelines And Limitations For Dynamic Twice Nat - Cisco Nexus 3548 Configuration Manual

Restrictions for Dynamic NAT

Restrictions for Dynamic NAT

Guidelines and Limitations for Dynamic Twice NAT

Hide quick links:

Related Manuals for Cisco Nexus 3548

Related Content for Cisco Nexus 3548

Table of Contents