Hello!
Checking the Vyatta firewall log (/var/log/messages), I can see a lot of error messages like this one:
vyatta-dataplane.service dataplane[2652]: FIREWALL: SNAT: map get 1 (10.10.100.14:13639) failed: No space left on device, used 3467/65535
Checking the source NAT transactions, it seems to be OK: there are fewer established transactions (3467) than the total (65535).
admin@fw01:~$ show nat source statistics
rule pkts bytes interface used/total
---- ---- ----- --------- ----------
25 375514601 280697502022 dp0bond1 3467/65535
I have run a “clear nat”, but the error is still occurring.
The source NAT rule is this one:
admin@fw01:~$ show nat source rules
------------------------
NAT Rulesets Information
------------------------
--------------------------------------------------------------------------------
SOURCE
rule intf match translation
---- ---- ----- -----------
25 dp0bond1 from 10.10.100.14 dynamic any -> masquerade
And this is the NAT rule configuration command:
set service nat source rule 25 outbound-interface 'dp0bond1'
set service nat source rule 25 source address '10.10.100.14'
set service nat source rule 25 translation address 'masquerade'
Why does the error say that there is no space left on device if we are not reaching the total NAT transactions?
I assume this is not related to the filesystem state, as there is a lot of free space:
admin@fw01:~$ df -h
Filesystem Size Used Avail Use% Mounted on
udev 7.9G 0 7.9G 0% /dev
tmpfs 1.6G 14M 1.6G 1% /run
/dev/sda2 917G 15G 855G 2% /lib/live/mount/persistence/sda2
/dev/loop0 319M 319M 0 100% /lib/live/mount/rootfs/1801q.09052048.squashfs
tmpfs 7.9G 0 7.9G 0% /lib/live/mount/overlay
overlay 917G 15G 855G 2% /
tmpfs 7.9G 0 7.9G 0% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 7.9G 0 7.9G 0% /sys/fs/cgroup
Thanks
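
An added example, not part of the original post: one way to quantify these messages is to parse lines in the format quoted above, group the failures by internal source address, and count how many were logged while the used counter was below the total. The syslog prefix and all sample values are constructed, and the number after "map get" is kept as an opaque field because the post does not explain it.

```python
import re
from collections import defaultdict

# Pattern built from the message quoted in the post; the number after
# "map get" is captured as an opaque field (its meaning is not given there).
SNAT_FAIL = re.compile(
    r"FIREWALL: SNAT: map get (?P<field>\d+) "
    r"\((?P<ip>[\d.]+):(?P<port>\d+)\) failed: (?P<reason>.+?), "
    r"used (?P<used>\d+)/(?P<total>\d+)"
)

# Constructed sample lines (timestamp/host prefix and values are assumptions).
SAMPLE = """\
Jan 10 10:00:01 fw01 vyatta-dataplane.service dataplane[2652]: FIREWALL: SNAT: map get 1 (10.10.100.14:13639) failed: No space left on device, used 3467/65535
Jan 10 10:00:01 fw01 vyatta-dataplane.service dataplane[2652]: FIREWALL: SNAT: map get 1 (10.10.100.14:13640) failed: No space left on device, used 3470/65535
Jan 10 10:00:02 fw01 sshd[911]: Accepted publickey for admin
Jan 10 10:00:03 fw01 vyatta-dataplane.service dataplane[2652]: FIREWALL: SNAT: map get 1 (10.10.100.14:13639) failed: No space left on device, used 3512/65535
"""

def summarize(lines):
    """Group SNAT map failures by internal source IP."""
    stats = defaultdict(lambda: {"failures": 0, "ports": set(),
                                 "max_used": 0, "total": 0, "below_total": 0})
    for line in lines:
        m = SNAT_FAIL.search(line)
        if not m:
            continue  # unrelated syslog line
        used, total = int(m["used"]), int(m["total"])
        s = stats[m["ip"]]
        s["failures"] += 1
        s["ports"].add(int(m["port"]))
        s["max_used"] = max(s["max_used"], used)
        s["total"] = total
        # Failures logged while the counter is under the pool size are the
        # discrepancy described in the post.
        if used < total:
            s["below_total"] += 1
    return dict(stats)

if __name__ == "__main__":
    for ip, s in summarize(SAMPLE.splitlines()).items():
        print(f"{ip}: {s['failures']} failures, {len(s['ports'])} source ports, "
              f"peak used {s['max_used']}/{s['total']}, "
              f"{s['below_total']} logged below pool size")
```

To run it against the real log, pass the lines of /var/log/messages to summarize() instead of the sample.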