[c-nsp] 827 nat translations
Dan Letkeman
danletkeman at gmail.com
Sat Aug 30 11:42:44 EDT 2008
I'm currently running a 2621 just behind the 827(s) which is doing CEF
load distribution. I plan on putting in a 2800 series router with the
firewall IOS. Do you know if there is a way you can do PPPOE on a sub
interface? I plan on having up to 7 ADSL connections in front the the
2800 series connecting via 827's or whatever else works best.
Any suggestions would be appreciated.
Thanks,
Dan.
On Sat, Aug 30, 2008 at 12:10 AM, Adrian Chadd <adrian at creative.net.au> wrote:
> On Fri, Aug 29, 2008, Dan Letkeman wrote:
>> How many nat translations could an 827 router handle? This is for a
>> school environment where there are about 300 workstations (assuming
>> that not everyone would be browsing at once) and a 7mbit internet
>> connection. Could this router handle this kind of load?
>
> Sort of!
>
>> Is there anything I could do to take the load off the cpu?
>
> Grab the latest image and make -certain- you set:
>
> * the global NAT table limit;
> * the per-IP NAT table entry limit;
> * protocol timeouts.
>
> Exhausting memory w/ NAT table entries on the 827 is a trivial thing
> to do with a single PC running bittorrent. 300 PCs could be a bit
> of a challenge. That said, IIRC exhaustion hit with ~ 5000 NAT
> entries, so YMMV.
>
> You may discover after the above that you still run out of RAM.
> You may also find you don't run out of RAM but connections still
> mysteriously disappear. In which case, do what I did - grab some
> other device to do NAT and leave the 827 as a router/bridge.
>
>
>
> Adrian
>
>
More information about the cisco-nsp
mailing list