Symptoms: NAT Port Exhaustion / Intermittent Failures

  • Users on the internal network (10.200.0.0/16) report intermittent failures when accessing external websites and APIs.
  • The problem is not limited to a single destination -- various external services fail randomly.
  • Failures manifest as DNS timeouts, connection resets, and "no route to host" errors.
  • The issue correlates with business hours (peak at 10am-2pm) and rarely occurs evenings/weekends.
  • The NAT gateway (nat-gw-01, running Linux with iptables MASQUERADE) handles all outbound traffic for ~500 internal hosts.
  • The system log on nat-gw-01 shows repeated messages: nf_conntrack: table full, dropping packet.
  • During incidents, some connections work while others fail -- the behavior seems random.
  • Restarting the NAT gateway temporarily resolves the issue (flushes the conntrack table), but it recurs within hours.
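The symptoms above point at nf_conntrack table exhaustion rather than at any one destination. The following POSIX shell check, added here as an example and not taken from the original page or from nat-gw-01, turns them into something monitorable: it computes conntrack table utilization from the count/max pair the kernel exposes under /proc/sys/net/netfilter, counts "table full, dropping packet" kernel messages in a syslog excerpt, and returns a verdict. The log lines and the 80%/95% thresholds are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the original page): detect conntrack table
# exhaustion on a Linux MASQUERADE gateway before packets get dropped.

# Percentage of the conntrack table in use, given current count and maximum.
# On a live gateway read them from:
#   /proc/sys/net/netfilter/nf_conntrack_count
#   /proc/sys/net/netfilter/nf_conntrack_max
conntrack_utilization() {
    count="$1"; max="$2"
    [ "$max" -gt 0 ] || { echo 0; return 1; }   # guard against a zero/unset max
    echo $(( count * 100 / max ))
}

# Count "nf_conntrack: table full, dropping packet" kernel messages read from stdin.
# grep -c prints 0 and exits 1 when nothing matches, so force a clean exit status.
count_table_full_drops() {
    grep -c 'nf_conntrack: table full, dropping packet' || true
}

# Verdict: CRIT at >= 95% utilization, WARN at >= 80% or on any observed drops
# (thresholds are an assumption of this example, tune to the gateway's churn).
conntrack_verdict() {
    util="$1"; drops="$2"
    if [ "$util" -ge 95 ]; then echo CRIT
    elif [ "$util" -ge 80 ] || [ "$drops" -gt 0 ]; then echo WARN
    else echo OK
    fi
}

# Constructed sample syslog excerpt in the style of nat-gw-01 (not real log data).
SAMPLE_LOG='Mar 12 10:14:02 nat-gw-01 kernel: nf_conntrack: table full, dropping packet
Mar 12 10:14:02 nat-gw-01 kernel: nf_conntrack: table full, dropping packet
Mar 12 10:14:03 nat-gw-01 sshd[1234]: Accepted publickey for admin
Mar 12 10:14:05 nat-gw-01 kernel: nf_conntrack: table full, dropping packet'

# Demo run against the constructed data: a full table (65536/65536) with 3 drops.
if [ "${1:-}" = "--demo" ]; then
    drops=$(printf '%s\n' "$SAMPLE_LOG" | count_table_full_drops)
    util=$(conntrack_utilization 65536 65536)
    echo "conntrack utilization: ${util}%  drops: ${drops}  verdict: $(conntrack_verdict "$util" "$drops")"
fi
```

On a real gateway, feed the two /proc values into conntrack_utilization and pipe `journalctl -k` or the kernel log into count_table_full_drops; a rising utilization during business hours is the leading indicator, the drop messages are the lagging one.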