[c-nsp] Esoteric NAT question...
Brett Looney
brett at looney.id.au
Wed Jul 26 02:33:07 EDT 2006
Greets,
Traditionally, when I do NAT I do it this way:
ip access-list extended NAT-Networks
permit ip <source> <destination>
ip nat inside source list NAT-Networks interface <external interface> overload
But, I can also do this:
ip access-list extended NAT-Networks
permit ip <source> <destination>
route-map DoNAT permit 10
match ip address NAT-Networks
ip nat inside source route-map DoNAT interface <external interface> overload
Intuition tells me that method #2 would be the less efficient way of
doing this. (Yes, I realise I can get lots more flexibility out of a
route map but assuming I didn't need that...)
But, is there any real proof that one is better than the other? Silly
question, I know, but I thought I'd ask - it would help use argue it
out internally. ;-)
TIA
B.
More information about the cisco-nsp
mailing list