[c-nsp] ip virtual-reassembly
Rodney Dunn
rodunn at cisco.com
Mon Oct 24 21:49:44 EDT 2005
On Mon, Oct 24, 2005 at 05:41:18PM -0400, Dave Temkin wrote:
> OK.
>
> Does my testing jive with reality? 15% performance hit with it enabled?
While I've never tested it my initial reaction would be that seems
a bit excessive. But I haven't looked at that code either.
How are you measuring a 15% performance hit?
>
> Thanks,
> -Dave
>
> On Mon, 24 Oct 2005, Rodney Dunn wrote:
>
> > It is required by NAT for protocols that require ALG translations
> > such as SIP.
> >
> > There was a bug filed to have it disabled if none of the features
> > requiring it were enabled.
> >
> > I can't find it at the moment.
> >
> > Rodney
> >
> > On Mon, Oct 24, 2005 at 11:35:56AM -0400, Dave Temkin wrote:
> > > Is anyone aware why this was added in more recent (12.3T) IOS versions?
> > > Was this a feature that was enabled behind the scenes before and they just
> > > added a command for it, or is it new functionality? It now gets put on an
> > > interface that you place "ip nat inside" or ""outside" on
> > >
> > >
> > > All of the documentation I can find makes it sound like you only need it
> > > if you're doing NAT and CBAC or IOS Firewall together, and not just NAT by
> > > itself. I see it causing about a 15% performance hit if I leave it
> > > enabled.
> > >
> > > Thanks,
> > > -Dave
> > > _______________________________________________
> > > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
More information about the cisco-nsp
mailing list