Re: [nsp] Overhead of NAT

From: Erik Montemer (montemer@more.net)
Date: Mon Jan 10 2000 - 14:45:33 EST


Your NAT concerns would deal mostly with memory issues. As the network grows the NAT table becomes bigger, hence router performance may be degraded. I just finished implementing NAT on one of our customer routers, and ran into some issues regarding network size in relation to the NAT table. You can set your timeouts to unmap addresses to keep your table to a minimum but that isn't really recommended, nor would it help much as far as NAT functionality is concerned.
NAT would only be noticable in a few situations. Since address translation lengthens and shortens certain checksums in the IP header, encryption is not possible in a NAT setting. Any machines doing encryption of any sort should remain in the global unique address pool. Address translation also breaks anything that includes the SRC or DST addresses in it's application stream, this includes routing protocols, multicasting, and others. You may want to consult RFC1631 for more information regarding the Network Address Translator.
If you 7206 has enough memory, and CPU horse power, NAT shouldn't even make the router blink a bit.

HTH

On Mon, Jan 10, 2000 at 01:04:28PM -0500, list@mail.cyberback.com wrote:
> If I had a number of broadband clients (wireless, dsl) and not enough IP
> addy's, would NAT be a good solution? At what point (if any) is the
> overhead noticable to the end user? At what point (if any) is it too much
> for a 7206VXR router? Are there other concerns?
>
> TIA,
>
> - Del
>

-- 
Erik L. Montemer
Missouri Research and Education Network -- MOREnet
University of Missouri-Columbia
(573) 884-7200
montemer@more.net
http://www.more.net/



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:08 EDT