Restrictions for Paired-Address-Pooling Support in NAT
Paired address pooling uses more memory, and the scaling of translations is much lower than standard Network Address Translation (NAT) configuration due to the following reasons:
Use of a new data structure that tracks each local address.
Use of the paired-address-pooling limit. When the number of users on a global address reaches the configured limit, the next global address is used for paired address pooling. The paired-address-pooling limit uses more memory and requires more global addresses in the address pool than standard NAT.
Two IP address pools with same IP addresses in two different mapping is not supported.
The following example shows two non-VRF mappings. The addresses used in these two pools mappings should not overlap.
ip nat pool natpool1 22.214.171.124 126.96.36.199 prefix-length 24 ip nat pool natpool2 188.8.131.52 184.108.40.206 prefix-length 24 ip nat inside source list acl2 pool natpool2 overload ip nat inside source list acl1 pool natpool1 overload
This following example is a combination of non-VRF and VRF-to-global mappings. In this example as well, sharing IP addresses in pools are not supported.
ip nat pool natpool1 220.127.116.11 18.104.22.168 prefix-length 24 ip nat pool natpool2 22.214.171.124 126.96.36.199 prefix-length 24 ip nat inside source list acl2 pool natpool2 overload //non-vrf mapping// ip nat inside source list acl1 pool natpool1 vrf vrf1 overload //vrf mapping//
The only case where same pools can be used in two different mapping is for the match-in-vrf mappings.