'FW-1: fw_xlate_anticipate: fwx_anticipate_server_side failed' appears repeatedly in /var/log/messages files on cluster members of ClusterXL in HA mode
Symptoms
  • 'FW-1: fw_xlate_anticipate: fwx_anticipate_server_side failed' appears repeatedly in /var/log/messages files on cluster members of ClusterXL in HA mode.

  • "NAT Hide failure - there are currently no available ports for hide operation" log appears repeatedly in SmartView Tracker.

  • 'fw tab -t connections -s' command shows that the number of concurrent connections in the Connections Table is reasonable (the limit was not reached).

  • Disabling SecureXL does not change anything.

  • Following sk69480 does not change anything.

Cause

The following scenario causes the NAT Table to overflow with entries:

A service was configured not to be synchronized between cluster members.
In addition, the connections on this service undergo NAT.

That is, for each connection on this service that passes through the Active member of ClusterXL in HA mode:

  • an entry will be added to the Connections Table, but these entries will not be synchronized between cluster members (since the service was configured not to be synchronized)

  • an entry will be added to the NAT Table, and these entries will be synchronized between cluster members (by design, the NAT Table is always synchronized)



Then the Active cluster member is stopped (either powered off or stopped with 'cpstop'), or a fail-over to another member occurs.

The NAT Table entries of the non-synchronized connections will remain on all other cluster members and will not be deleted, because the corresponding connections do not appear in the Connections Table on those members.

Reason: by design, an entry about a connection in NAT Table is deleted only if the corresponding entry is deleted from the Connections Table.
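The following triage sketch is an added example, not Check Point code or part of the original article. It correlates the syslog symptom with table sizes parsed from 'fw tab -s' style output; the table name fwx_alloc (assumed here to be what the article calls the NAT Table), the 4x ratio threshold, and all sample data are assumptions or constructed values.

```shell
#!/bin/bash
# Added triage example (not Check Point code). Sample data below is constructed.
# Assumption: "fwx_alloc" is the kernel table the article calls the NAT Table.

SAMPLE_CONN='HOST       NAME         ID #VALS #PEAK #SLINKS
localhost  connections  8158  1200  5400    3600'
SAMPLE_NAT='HOST       NAME         ID #VALS #PEAK #SLINKS
localhost  fwx_alloc    8187 48000 48000       0'
SAMPLE_LOG='Jan  1 00:00:01 gw2 kernel: FW-1: fw_xlate_anticipate: fwx_anticipate_server_side failed
Jan  1 00:00:01 gw2 kernel: FW-1: some unrelated message
Jan  1 00:00:02 gw2 kernel: FW-1: fw_xlate_anticipate: fwx_anticipate_server_side failed'

# vals_of TABLE: read "fw tab -t TABLE -s" output on stdin, print its #VALS column.
# Prints 0 when the table does not appear in the input.
vals_of() {
    awk -v t="$1" '$2 == t { print $4; found = 1 } END { if (!found) print 0 }'
}

# count_xlate_failures: count the symptom message in syslog text on stdin.
# grep -c exits non-zero on zero matches, so the status is neutralised.
count_xlate_failures() {
    grep -c 'fw_xlate_anticipate: fwx_anticipate_server_side failed' || true
}

# nat_orphan_check CONN NAT FAILURES [RATIO]
# SUSPECT when the symptom is logged and NAT entries exceed RATIO x connections
# (RATIO defaults to 4, an assumed threshold to tune per environment).
nat_orphan_check() {
    if [ "$3" -gt 0 ] && [ "$2" -gt $(( $1 * ${4:-4} )) ]; then
        echo SUSPECT
    else
        echo OK
    fi
}

# On a cluster member, feed the functions live data instead of the samples:
#   fw tab -t connections -s | vals_of connections
#   count_xlate_failures < /var/log/messages
conn=$(printf '%s\n' "$SAMPLE_CONN" | vals_of connections)
nat=$(printf '%s\n' "$SAMPLE_NAT" | vals_of fwx_alloc)
fails=$(printf '%s\n' "$SAMPLE_LOG" | count_xlate_failures)
echo "connections=$conn nat=$nat failures=$fails -> $(nat_orphan_check "$conn" "$nat" "$fails")"
```

A SUSPECT result on a member that recently took over after a fail-over matches the pattern described above: a NAT Table far larger than the Connections Table while the Connections Table itself is well under its limit.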


Solution