
Round-robin NAT: any ideas?

Valeriy sent me a really interesting question:

When you’re using PAT with a NAT address pool, the routers use the lowest IP addresses from the pool as long as possible, using a new address from the pool only when the TCP/UDP ports on the active ones are depleted. This causes problems with services limiting the number of connections from one IP address. Is there any way to make the router use the whole pool for outgoing connections in a round-robin fashion?

Valeriy has already tried rotary pools, but they don’t work with PAT, and the ip nat portmap command is only useful for VoIP traffic. Any other ideas?
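To make the problem concrete, here is an added example (not from the original post or from any router's code): a simplified Python model of the lowest-address-first allocation Valeriy describes, next to the round-robin allocation he is asking for. The pool addresses, the per-address port budget, the flow count and the remote service's per-address limit are all constructed values, and the model ignores real-router details such as per-protocol port ranges and translation timeouts.

```python
from collections import Counter
from ipaddress import ip_address
from itertools import islice

def build_pool(first, count):
    """Constructed NAT pool: `count` consecutive addresses starting at `first`."""
    base = ip_address(first)
    return [str(base + i) for i in range(count)]

def lowest_first(pool, ports_per_ip):
    """Behaviour described in the question: stay on the lowest pool address
    until its ports are depleted, then move to the next address."""
    for ip in pool:
        for offset in range(ports_per_ip):
            yield ip, 1024 + offset

def round_robin(pool, ports_per_ip):
    """Behaviour the question asks for: rotate through the whole pool."""
    for offset in range(ports_per_ip):
        for ip in pool:
            yield ip, 1024 + offset

def simulate(allocator, flows, per_ip_limit):
    """Translate `flows` concurrent connections to one remote service that
    accepts at most `per_ip_limit` connections per source address."""
    attempts, accepted = Counter(), Counter()
    for ip, _port in islice(allocator, flows):
        attempts[ip] += 1
        if accepted[ip] < per_ip_limit:
            accepted[ip] += 1
    total_ok = sum(accepted.values())
    return dict(attempts), total_ok, sum(attempts.values()) - total_ok

# Constructed sample pool (documentation address range).
POOL = build_pool("203.0.113.1", 4)

if __name__ == "__main__":
    for name, strategy in (("lowest-first", lowest_first),
                           ("round-robin", round_robin)):
        attempts, ok, refused = simulate(strategy(POOL, 100),
                                         flows=120, per_ip_limit=50)
        print(f"{name:12} accepted={ok} rejected={refused} "
              f"per-address={attempts}")
```

With the same pool and the same 120 flows, the lowest-first allocator has connections refused by the remote service while three of the four pool addresses are idle or barely used; the round-robin allocator stays under the per-address limit.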


  1. If you have enough addresses for everybody who'd be using the NAT, you can drop "overload" from the configuration (don't use PAT). That will cause internal clients to each get their own address (until the pool is depleted).

  2. If you have enough address space, what's the reason to use NAT?

