[c-nsp] large scale NAT/PAT solution
Jim McBurnett
jim at tgasolutions.com
Tue Jun 7 21:57:32 EDT 2005
Look at the new ASA appliances...
They would be cheaper than a 7xxx...
Maybe a 5540..
http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html
But this may be a lot bigger design question....
J
-----Original Message-----
From: Goran Gajic [mailto:ggajic at sbb.co.yu]
Sent: Tuesday, June 07, 2005 9:18 PM
To: Gert Doering
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] large scale NAT/PAT solution
Problem is that users are charged differenty if they are using real ip
addresses or if private ip addresses are NATed or PATed.
Regards,
gg.
On Tue, 7 Jun 2005, Gert Doering wrote:
> Hi,
>
> On Tue, Jun 07, 2005 at 11:19:38PM +0200, Goran Gajic wrote:
>> I currently have something like 7000 users that are NAT-ed/PAT-ed
>> (depending on their service) through 7206vxr (NPE-G1) box running IOS
>> 12.4.It has something like 40k NAT enteries and CPU usage of 75%.
>> However I'm looking for long term solution that would be able to
>> NAT/PAT something like 40-50k users (20-30
>> ubr7246 aggregated into one point where NAT box (or nat boxes) would
>> be). What would be recommended solution for this scenario? I was
>> thinking about 7609 box. Note however that I can't run only NAT or
PAT because of service policy.
> Is giving these users *real* Internet no option?
>
> I'm guessing from your e-mail address that you're in RIPE land
> (Yugoslavia), and getting real IP addresses for your users (one IP per
> head) over here is a perfectly sane request, and the RIPE NCC *will*
give you the addresses.
>
> NAT/PAT will always be a pain, your users will be unhappy, and your
> routers will have to do more work than necessary...
>
> (Yes, I know that this is not the answer you are looking for - sorry
> for that. But maybe thinking along other lines will be more
> future-proof...)
>
> gert
> --
> USENET is *not* the non-clickable part of WWW!
>
//www.muc.de/~gert/
> Gert Doering - Munich, Germany
gert at greenie.muc.de
> fax: +49-89-35655025
gert at net.informatik.tu-muenchen.de
>
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list