Restrictions for Paired-Address-Pooling Support in NAT
Paired address pooling uses more memory, and the scaling of translations is much lower than standard Network Address Translation (NAT) configuration due to the following reasons:
Use of a new data structure that tracks each local address.
Use of the paired-address-pooling limit. When the number of users on a global address reaches the configured limit, the next global address is used for paired address pooling. The paired-address-pooling limit uses more memory and requires more global addresses in the address pool than standard NAT.
Two IP address pools with same IP addresses in two different mapping is not supported.
The following example shows two non-VRF mappings. The addresses used in these two pools mappings should not overlap.
ip nat pool natpool1 126.96.36.199 188.8.131.52 prefix-length 24 ip nat pool natpool2 184.108.40.206 220.127.116.11 prefix-length 24 ip nat inside source list acl2 pool natpool2 overload ip nat inside source list acl1 pool natpool1 overload
This following example is a combination of non-VRF and VRF-to-global mappings. In this example as well, sharing IP addresses in pools are not supported.
ip nat pool natpool1 18.104.22.168 22.214.171.124 prefix-length 24 ip nat pool natpool2 126.96.36.199 188.8.131.52 prefix-length 24 ip nat inside source list acl2 pool natpool2 overload //non-vrf mapping// ip nat inside source list acl1 pool natpool1 vrf vrf1 overload //vrf mapping//
The only case where same pools can be used in two different mapping is for the match-in-vrf mappings.