Bug ID 423306: Deterministic NAT not providing reliable and reversible translation mappings with large address space

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP CGN(all modules)

Known Affected Versions:
11.3.0, 11.4.0

Fixed In:
11.5.0, 11.4.0 HF3, 11.3.0 HF8

Opened: Jun 14, 2013
Severity: 3-Major
Related Article:


CGNAT in deterministic mode translation mappings may fail and use backup pool or may appear to succeed but the reverse mappings using dnatutil will not get the correct source address.


Deterministic NAT address translations may fail or result in mappings that cannot be reversed correctly.


- More than one VS using different source address ranges is attached to the same deterministic LSN pool - A VS with a source address network larger than /16 - may depend on the platform


- Reduce the prefix for the source address range to /16 or smaller - use only 1 VS per Deterministic LSN pool - use NAPT mode

Fix Information

CGNAT in deterministic mode translation will no longer fail and use the backup pool.

Behavior Change