[c-nsp] Cisco PXF
Rodney Dunn
rodunn at cisco.com
Tue Feb 7 08:32:08 EST 2006
You should probably look at a 7301 to replace the 7401.
If you are seeing the problem with the 7304 since it's still
in bugfix mode open a TAC case on it.
If you can provide the TAC engineer with a sniffer trace from the
inside and outside for a flow that's breaking that would help.
Rodney
On Tue, Feb 07, 2006 at 08:03:02AM +0200, Palis Michael wrote:
> I think it is a feature that it is not supported in hardware since I tried
> various IOS releases on the C7304 and also on C7401. The thing is that we
> are doing a lot of NATing (around 5000 Nat translations) on this boxes
> (Termination of ADSL Users and then NAT) and disabling PXF kills the
> routers.
>
>
>
> -----Original Message-----
> From: Rodney Dunn [mailto:rodunn at cisco.com]
> Sent: Monday, February 06, 2006 9:02 PM
> To: Palis Michael
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Cisco PXF
>
> It's a bug. Open a TAC case if you have a contract.
>
> We may not support that portion of NAT in the hardware
> forwarding path but on those platforms at least there
> is a punt path and that should be taken. The performance
> will be pretty horrible but at least the packets would go through.
>
> That's not always the case on some other hardware forwarding platforms
> that are "all features in hardware or it doesn't work at all" scenario.
>
> It's been said a lot of times on this alias. If the features you want
> are not done in hardware and you are on a platform that has hardware
> based forwarding most of the time it's probably the wrong platform
> for you. That is unless the rates are really really low and you understand
> the impact.
>
> Rodney
>
>
> On Mon, Feb 06, 2006 at 03:59:26PM +0200, Palis Michael wrote:
> > We are running a couple of C7304 and C7400 and we have problems with NAT
> > Traversal and PXF. Enabling PXF, VPN clients using NAT Traversal do not
> > work. Disabling PXF everything is OK. Note that we are Natting on the
> C7304
> > and C7400..
> >
> > Can you please advice?
> >
> > --
> > No virus found in this outgoing message.
> > Checked by AVG Free Edition.
> > Version: 7.1.375 / Virus Database: 267.15.2/251 - Release Date: 4/2/2006
> >
> >
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list