8. LimitationsΒΆ
Here are the known CG-NAT limitations of the vRouter.
Limitation |
Impact |
|---|---|
Paired address pooling cannot be disabled. |
If a user consumes all its ports on a public IP address, a new public IP must be added to the pool and all the sessions must be flushed for the user to start using the new IP. Refer to the Full IP Public section. |
Pools are not shareable. |
A pool cannot be shared by two different rules. |
Endpoint mapping/filtering |
The supported modes are: Independent, Address-and-Port-Dependent. |
No max-sessions-per-user parameter. |
There is no option to limit the number of sessions per user. As a result, when the endpoint mapping/filtering modes are set to independent, a user can consume all the available conntracks. |
Capabilities are not checked against available memory. |
Configuring too high capabilities can prevent the system from working properly. Refer to the Capability tuning section. |