Network address translation (NAT) is used to enable a private network (using private Internet Protocol (IP) addresses) device to access a public network (using public IP addresses) device.
When translating a private IP address into a public IP address, a NAT device establishes a NAT entry in a NAT table to record a translation relationship between the private IP address and the public IP address. Based on a translation relationship recorded in a NAT entry, NAT is performed on a packet that hits the NAT entry. When duration in which a NAT entry fails to be hit exceeds an aging time, the NAT entry is deleted.
In some scenarios, a controller remotely controls a network device, such as a router or a switch. The network device is usually located in a private network, and the controller is usually located in a public network. Therefore, when the network device accesses the controller, address translation needs to be performed on a packet sent by the network device before the packet is transmitted to the controller. A persistent connection that remains connected for a long time is established between the network device and the controller. After the persistent connection is established, there is often no communication between the network device and the controller over a long time. As a result, a NAT entry that is in the NAT device and corresponding to the network device and the controller fails to be hit for a long time and consequently is deleted due to aging. In this case, when the network device sends a packet to the controller again, the NAT device cannot perform NAT on the packet based on the translation relationship in the original NAT entry. As a result, the network device and the controller cannot normally communicate with each other.