I have a strange issue with a Bordermanager server. It is 3.9SP1 on a NW
6.5sp7 server. After the server has been running it stops passing traffic to
the Internet. I checked the NAT table and it has 5000 entries (the max I
believe) The entries are old, so it looks like it is not refreshing the
table.

If I disable NAT on the public interafce, then enable it things start moving
again.

Any ideas?

Thanks,

Jim

In article <HonXk.3308$wo4.762@kovat.provo.novell.com>, Jim Burghart
wrote:
> Any ideas?

Can you tell what is filling up the connections? Do you have filtering
enabled? Have you allowed a lot of traffic out - I'm thinking you
might have a virus sending unreturned traffic to the internet filling
up dynamic NAT tables.


Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***

Wow, thanks for getting back to me so fast!

The traffic was just normal web traffic. The table would not refresh
at all. I cleared the table and made a few connections to the web, and
the translations where there 10 minutes later? On my other BM server
they clear as soon as the connection closes.

I think I may have it fixed though. I applied the newest HP support
pack for NW 6.5, version 8.1a. The server is an HP360DL G5. That seems to
have solved it.
Connections are clearing fine now. This all started happening after I
updated the TCP files, and lib files to NWlib6L.

I will keep an eye on it, but it seems to be ok now.

Thanks again, and Happy Thanks Giving to all!

Jim

"Craig Johnson" <craigsj@ix.netcom.com> wrote in message
news:VA.0000411a.09b8c6e4@ix.netcom.com...
> In article <HonXk.3308$wo4.762@kovat.provo.novell.com>, Jim Burghart
> wrote:
>> Any ideas?
>
> Can you tell what is filling up the connections? Do you have filtering
> enabled? Have you allowed a lot of traffic out - I'm thinking you
> might have a virus sending unreturned traffic to the internet filling
> up dynamic NAT tables.
>
>
> Craig Johnson
> Novell Support Connection SysOp
> *** For a current patch list, tips, handy files and books on
> BorderManager, go to http://www.craigjconsulting.com ***
>
>

Well that didn't fix it. It is better, but I am still getting a lot of
really old translations in the NAT connection table.

Here is an example of an almost 5 hour old connection stuck in the table.

19. 10.11.11.7 | 1336 | 56188 | 65.54.81.152 | 80| 10|17459

I changed the set nat periodic cleanup to 2 minutes from the default 3.
Still not working correctly.

Jim
"Jim Burghart" <pumpkinj@nycap.rr.com> wrote in message
news:7DoXk.3317$wo4.1847@kovat.provo.novell.com...
> Wow, thanks for getting back to me so fast!
>
> The traffic was just normal web traffic. The table would not refresh
> at all. I cleared the table and made a few connections to the web, and
> the translations where there 10 minutes later? On my other BM server
> they clear as soon as the connection closes.
>
> I think I may have it fixed though. I applied the newest HP support
> pack for NW 6.5, version 8.1a. The server is an HP360DL G5. That seems to
> have solved it.
> Connections are clearing fine now. This all started happening after I
> updated the TCP files, and lib files to NWlib6L.
>
> I will keep an eye on it, but it seems to be ok now.
>
> Thanks again, and Happy Thanks Giving to all!
>
> Jim
>
> "Craig Johnson" <craigsj@ix.netcom.com> wrote in message
> news:VA.0000411a.09b8c6e4@ix.netcom.com...
>> In article <HonXk.3308$wo4.762@kovat.provo.novell.com>, Jim Burghart
>> wrote:
>>> Any ideas?
>>
>> Can you tell what is filling up the connections? Do you have filtering
>> enabled? Have you allowed a lot of traffic out - I'm thinking you
>> might have a virus sending unreturned traffic to the internet filling
>> up dynamic NAT tables.
>>
>>
>> Craig Johnson
>> Novell Support Connection SysOp
>> *** For a current patch list, tips, handy files and books on
>> BorderManager, go to http://www.craigjconsulting.com ***
>>
>>
>
>

Jim Burghart wrote:
> Well that didn't fix it. It is better, but I am still getting a lot of
> really old translations in the NAT connection table.
>
> Here is an example of an almost 5 hour old connection stuck in the table.
>
> 19. 10.11.11.7 | 1336 | 56188 | 65.54.81.152 | 80| 10|17459
>
> I changed the set nat periodic cleanup to 2 minutes from the default 3.
> Still not working correctly.
>
> Jim

1. nat periodic cleanup: This setting is only for udp as it is a
connectionless protocol
2. Check if the internal machine 10.11.11.7 still has this connection
open. If it does, than it is an issue with the local machine and not
with nat
3. You should be using nat.nlm dated 14-october-2008 included in
NAT 20080808 patch
4. Still seen the issue, load monitor!h , server parameters,
communication, nat tcp connection timeout, by default 8 hours. Change it
to xx whatever you want.

Gonzalo

In article <7DoXk.3317$wo4.1847@kovat.provo.novell.com>, Jim Burghart wrote:
> The traffic was just normal web traffic.

If this is just you browsing, I'm thinking you need to check patches on the
server. See tip #1 at my website (URL below my signature).

You are just browsing through the proxy?

> The table would not refresh
> at all. I cleared the table and made a few connections to the web, and
> the translations where there 10 minutes later? On my other BM server
> they clear as soon as the connection closes.
>
> I think I may have it fixed though. I applied the newest HP support
> pack for NW 6.5, version 8.1a. The server is an HP360DL G5. That seems to
> have solved it.

What files are in that support pack? (Is that comparable to NW65sp7?)

> Connections are clearing fine now. This all started happening after I
> updated the TCP files, and lib files to NWlib6L.

If using NW65SP7, I also recommend tcp681k, ss206 and wsock6o.
>
> I will keep an eye on it, but it seems to be ok now.

OK, but check patch levels!
>
> Thanks again, and Happy Thanks Giving to all!
>
Thanks!

Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***

In article <q%wXk.3403$wo4.642@kovat.provo.novell.com>, Jim Burghart
wrote:
> 19. 10.11.11.7 | 1336 | 56188 | 65.54.81.152 | 80| 10|17459
>
Why are you sending browsing traffic through dynamic NAT, and not using
proxy?

Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***

We actually don't use BorderManager for forward proxy. I do use reverse
proxy a lot. We use stand alone proxy servers so we can deploy them to
locations to small to justify a BM server.

As for Pathces:

I have TCP681K, wsock60, and nwlib6L installed. I don't have the security
system patch installed. The HP support pack has newer drivers than the
NW65SP7. I was using the SP7 drivers, and the tech I spoke with at Novell
suggested if a newer version was aviaiable ffrom HP I should try it. So I
went from bx2.lan version 3.41 to version 3.70. HP claims it is for NW65SP7.

Gonzalo,

Thanks for the info, the 10.11.11.7 entry is just one of many. The machine
is actuall off, so no connection. I have the new NAT.NLM installed, but it
is dated 8/08/2008? I could not find a newer one on Novell's site.

Since our office is closed it is hard to really test since we have almost no
traffic right now.

Thanks for your input!!!

Jim


"Craig Johnson" <craigsj@ix.netcom.com> wrote in message
news:VA.0000411c.0c34abb5@ix.netcom.com...
> In article <7DoXk.3317$wo4.1847@kovat.provo.novell.com>, Jim Burghart
> wrote:
>> The traffic was just normal web traffic.
>
> If this is just you browsing, I'm thinking you need to check patches on
> the
> server. See tip #1 at my website (URL below my signature).
>
> You are just browsing through the proxy?
>
>> The table would not refresh
>> at all. I cleared the table and made a few connections to the web, and
>> the translations where there 10 minutes later? On my other BM server
>> they clear as soon as the connection closes.
>>
>> I think I may have it fixed though. I applied the newest HP support
>> pack for NW 6.5, version 8.1a. The server is an HP360DL G5. That seems
>> to
>> have solved it.
>
> What files are in that support pack? (Is that comparable to NW65sp7?)
>
>> Connections are clearing fine now. This all started happening after I
>> updated the TCP files, and lib files to NWlib6L.
>
> If using NW65SP7, I also recommend tcp681k, ss206 and wsock6o.
>>
>> I will keep an eye on it, but it seems to be ok now.
>
> OK, but check patch levels!
>>
>> Thanks again, and Happy Thanks Giving to all!
>>
> Thanks!
>
> Craig Johnson
> Novell Support Connection SysOp
> *** For a current patch list, tips, handy files and books on
> BorderManager, go to http://www.craigjconsulting.com ***
>
>

Jim Burghart wrote:

> Gonzalo,
>
> Thanks for the info, the 10.11.11.7 entry is just one of many. The machine
> is actuall off, so no connection. I have the new NAT.NLM installed, but it
> is dated 8/08/2008? I could not find a newer one on Novell's site.

yep, it is the last one