Dear Support Team,

We are using Thunder Series Unified Application Service Gateway TH930(A10) as CGN. Currently we have a problem with the following log message:

Mar 15 2016 10:22:40 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (5 times)
Mar 15 2016 10:22:40 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (8 times)
Mar 15 2016 10:22:10 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (152 times)
Mar 15 2016 10:22:10 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (122 times)
Mar 15 2016 10:20:40 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (8 times)
Mar 15 2016 10:20:40 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (4 times)
Mar 15 2016 10:20:10 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (31 times)
Mar 15 2016 10:20:10 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (20 times)
Mar 15 2016 10:19:40 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (82 times)
Mar 15 2016 10:19:40 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (95 times)
Mar 15 2016 10:19:10 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (68 times)
Mar 15 2016 10:19:10 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (118 times)
Mar 15 2016 10:18:40 Notice  [ACOS]:LSN: TCP user-quota exceeded on pool pool-100.64.8.0 (113 times)

============================================================================================

Here are some information about the device:

1. lsn-lid configuration
   lsn-lid 1
   source-nat-pool pool-100.64.8.0
   user-quota icmp 20
   user-quota udp 500 reserve 0
   user-quota tcp 750 reserve 500

2.#show version
Thunder Series Unified Application Service Gateway TH930
  Copyright 2007-2014 by A10 Networks, Inc. All A10 Networks products are
  protected by one or more of the following US patents:
  8595819, 8595791, 8595383, 8584199, 8464333, 8423676, 8387128, 8332925, 8312507
  8291487, 8266235, 8151322, 8079077, 7979585, 7804956, 7716378, 7665138, 7647635
  7627672, 7596695, 7577833, 7552126, 7392241, 7236491, 7139267, 6748084, 6658114
  6535516, 6363075, 6324286, 5875185, RE44701, 8392563, 8103770, 7831712, 7606912
  7346695, 7287084, 6970933, 6473802, 6374300

64-bit Advanced Core OS (ACOS) version 2.8.2-P1, build 4 (Aug-02-2014,07:27)
        Booted from Hard Disk primary image
      
      Serial Number: TH10A63214261027
      aFleX version: 2.0.0
      aXAPI version: 2.8

      Hard Disk primary image (default) version 2.8.2-P1, build 4
      Hard Disk secondary image version 2.7.1-P1, build 76
      Last configuration saved at Mar-13-2015, 14:33
      Hardware: 4 CPUs(Stepping 9), Single 78G Hard disk

Memory 8151 Mbyte, Free Memory 3418 Mbyte
      Hardware Manufacturing Code: 142611

      Current time is Mar-15-2016, 10:17

3.\#show ip nat lsn user-quota-sessions 

User-Quota Session Statistics

-----------------------------

LSN User-Quota Created 620715
LSN User-Quota Freed 620605
LSN User-Quota Creation Failed 0
LSN TCP User-Quota Exceeded 54267212
LSN UDP User-Quota Exceeded 4344357
LSN ICMP User-Quota Exceeded 216908

Please advise us any solution to fix this problem without disconnecting all the sessions.

Best Regards,
Math Tea

Hello,

Please realise this is not a “Support” forum, this is an A10 Community forum, where A10 users and A10 employees heal each other. Although sometimes support like questions are being answered, for real support questions the best way is to call or e-mail our support desk.

In this case I think it use very important to find out what kind of traffic is causing the user to exceed it’s quota. And if this is maybe malicious traffic.

Contact support by e-mail: support@a10networks.com Or bij phone, local support numbers can be found here: Contact A10

Greetings,

Diederik

Hello Diederik,

Thanks for your information.

Regards,
Math