[c-nsp] ip virtual-reassembly
Dave Temkin
dave at ordinaryworld.com
Mon Oct 24 21:52:29 EDT 2005
IXIA, IMIX packet size mix, blasting it on the FastEthernet port... Goes
from line rate without to about 85mbit (or less) when it's enabled.
-Dave
On Mon, 24 Oct 2005, Rodney Dunn wrote:
> On Mon, Oct 24, 2005 at 05:41:18PM -0400, Dave Temkin wrote:
> > OK.
> >
> > Does my testing jive with reality? 15% performance hit with it enabled?
>
> While I've never tested it my initial reaction would be that seems
> a bit excessive. But I haven't looked at that code either.
>
> How are you measuring a 15% performance hit?
>
> >
> > Thanks,
> > -Dave
> >
> > On Mon, 24 Oct 2005, Rodney Dunn wrote:
> >
> > > It is required by NAT for protocols that require ALG translations
> > > such as SIP.
> > >
> > > There was a bug filed to have it disabled if none of the features
> > > requiring it were enabled.
> > >
> > > I can't find it at the moment.
> > >
> > > Rodney
> > >
> > > On Mon, Oct 24, 2005 at 11:35:56AM -0400, Dave Temkin wrote:
> > > > Is anyone aware why this was added in more recent (12.3T) IOS versions?
> > > > Was this a feature that was enabled behind the scenes before and they just
> > > > added a command for it, or is it new functionality? It now gets put on an
> > > > interface that you place "ip nat inside" or ""outside" on
> > > >
> > > >
> > > > All of the documentation I can find makes it sound like you only need it
> > > > if you're doing NAT and CBAC or IOS Firewall together, and not just NAT by
> > > > itself. I see it causing about a 15% performance hit if I leave it
> > > > enabled.
> > > >
> > > > Thanks,
> > > > -Dave
> > > > _______________________________________________
> > > > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > > > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > >
>
More information about the cisco-nsp
mailing list