[c-nsp] 827 nat translations

Adrian Chadd adrian at creative.net.au
Sat Aug 30 01:10:18 EDT 2008


On Fri, Aug 29, 2008, Dan Letkeman wrote:
> How many nat translations could an 827 router handle?  This is for a
> school environment where there are about 300 workstations (assuming
> that not everyone would be browsing at once) and a 7mbit internet
> connection.  Could this router handle this kind of load?

Sort of!

> Is there anything I could do to take the load off the cpu?

Grab the latest image and make -certain- you set:

* the global NAT table limit;
* the per-IP NAT table entry limit;
* protocol timeouts.

Exhausting memory w/ NAT table entries on the 827 is a trivial thing
to do with a single PC running bittorrent. 300 PCs could be a bit
of a challenge. That said, IIRC exhaustion hit with ~ 5000 NAT
entries, so YMMV.

You may discover after the above that you still run out of RAM.
You may also find you don't run out of RAM but connections still
mysteriously disappear. In which case, do what I did - grab some
other device to do NAT and leave the 827 as a router/bridge.



Adrian



More information about the cisco-nsp mailing list