Forum Discussion
NimbostratusRemove subnet from NAT pools without any impact
Hi zztop123 ,
Look ,
you should first see how this pool of NAT IPs used , see if it's used by huge amount of traffic , or by little or isn't used.
if this subnet not used , you can remove it , it will not cause any impact.
but if this subnet is used much in NATing you should remove it , as you maybe impacted by port exhausion so at this case you shouldn't remove it.
So the impact only is with port exhausion not anything else.
Hi zztop123 ,
Take a packet capture in the server side and see how this pool of NAT ips utilized.
If you saw much traffic converted to source ips from the subnet that you want to remove it here you should be careful fron port exhaustion issue.
If you don't much traffic use ips from the subnet you need to remove it you can delete it.
Look at this article , it explains port exhaustion : https://my.f5.com/manage/s/article/K33355231
So the recommendation is to keep monitor in /var/log/ltm periodically to see if there is port exhaustion or not.
If you found this log even one time , you should rollback and return the removed subnet again in the pool.
NimbostratusHi Mohammad, We have a maintenanace window, and currentlyy seeing 2.4 mil onnections. The plan is move forward with one subnet deletion from the GUIand then monitor if the connections rebuild themselves?
Does that sound an ok plan ?
Hi zztop123 ,
Well sounds good.
Keep this subnet with you.
After deleting it :
monitor system performance and dropping rate.
Also look perodically in the log files for weired logs.
follow up with your subscribers if you found complains you should roll-back.
you can also filter in all connections that use this subnet in NATing like I recommended in the last replay.
