Suppose n computer are connected to a router R .It is doing NAT but suddenly all of its ports are occupied .So when a new computer N tries to connect what would router do means it simple do not connect to computer or terminates some of computer and connects to computer N ? Suppose so much connection don’t effect the router performance?
Answer
What happens in an overload situation depends on the specific NAT implementation. It wouldn’t be surprising for the new connections to be dropped until free ports are available. The NAT box might respond with an ICMP error message. But in any case some connections simply will fail in one way or another.
Almost all NAT systems are aging out address translations when they are closed, or when a certain defined period of time has passed. So an overload situation relatively quickly after the systems causing the traffic stops.
Getting into an overload can be very disruptive. It is basically a denial of service to your internal users.
I been called about people having problems with firewalls in a NAT overload situation. It typically happens with a couple systems infected with malware will start rapidly scanning hosts on the Internet to spread the malware. A few infect hosts can usually fill up your NAT table pretty quickly.
You can certainly prevent this type of situation. Rate limiting of outgoing connections, possibly some kind of maximum connections per host, perhaps an IPS type device that blacklists hosts that are obviously causing problems. I am sure various firewall/nat implementations can deal with this various ways.
It is certainly possible on low-end hardware that something might cause NAT exhaustion might also max out the memory or cpu power of a router/firewall.
Attribution
Source : Link , Question Author : Sachin Setiya , Answer Author : Zoredache
