[c-nsp] NAT on ASR1000

Rodney Dunn rodunn at cisco.com
Tue Apr 7 12:56:47 EDT 2009 

sh plat software status control-processor brief 
Load Average
 Slot  Status  1-Min  5-Min 15-Min
  RP0 Healthy   0.00   0.04   0.01
 ESP0 Healthy   0.00   0.00   0.00
 SIP0 Healthy   0.02   0.02   0.00

Memory (kB)
 Slot  Status    Total     Used (Pct)     Free (Pct) Committed (Pct)
  RP0 Healthy  3711920  1525468 (36%)  2186452 (52%)   2438180 (59%)
 ESP0 Healthy  2024492   527680 (25%)  1496812 (71%)   2807552 (133%)
 SIP0 Healthy   480084   287860 (54%)   192224 (36%)    199468 (38%)

CPU Utilization
 Slot  CPU   User System   Nice   Idle    IRQ   SIRQ IOwait
  RP0    0   2.15   1.54   0.00  96.25   0.01   0.03   0.00
 ESP0    0   0.57   0.60   0.00  98.80   0.00   0.01   0.00
 SIP0    0   0.30   0.41   0.00  99.25   0.00   0.01   0.00


It's a live network I worked on over the weekend. It's a pretty high
rate short lived session network.

We set the timeouts down:

ip nat translation timeout 1800
ip nat translation tcp-timeout 900
ip nat translation udp-timeout 150
ip nat translation dns-timeout 30

show platform hardware cpp active infrastructure exmem statistics

and there is a lot of QFP memory left:

Type: Name: IRAM, CPP: 0
  Total: 134217728
  InUse: 4779008
  Free: 128974848
  Free protected: 463872
  Free unprotected: 0
  Lowest free water mark: 129438720
  Largest free block: 99537920
Type: Name: DRAM, CPP: 0
  Total: 402653184
  InUse: 190609408
  Free: 209715200
  Free protected: 598016
  Free unprotected: 1730560
  Lowest free water mark: 212043776
  Largest free block: 210233344

On Tue, Apr 07, 2009 at 07:02:52PM +0300, Tassos Chatzithomaoglou wrote:
> Rodney, can you do a "sh plat soft stat contr br"?
> 
> --
> Tassos
> 
> Rodney Dunn wrote on 07/04/2009 18:46:
> >Few bugs still being worked through but the 72xx and 76xx croaked
> >under the load:
> >
> >ASR1002ESP10#sh proc cpu sort | excl 0.00
> >CPU utilization for five seconds: 0%/0%; one minute: 0%; five minutes: 0%
> > PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process 
> >ASR1002ESP10#sh ip nat stat
> >Total active translations: 92367 (80 static, 92287 dynamic; 92287 extended)
> >Outside interfaces:
> >  GigabitEthernet0/0/0, Tunnel1
> >Inside interfaces: 
> >  GigabitEthernet0/0/1, GigabitEthernet0/0/2
> >Hits: 0  Misses: 0
> >CEF Translated packets: 0, CEF Punted packets: 0
> >Expired translations: 87400847
> >
> >
> >that's on 12.2(33)XNC and I just filed one bug.
> >
> >CSCsy93931 ASRNAT does not do FIN/RST/SYN timeout when no-payload keyword 
> >used
> >
> >
> >My first work on the box with NAT but this thing seems pretty impressive.
> >
> >Anyone else using it for high scale nat yet?
> >
> >Rodney
> >
> >
> >_______________________________________________
> >cisco-nsp mailing list  cisco-nsp at puck.nether.net
> >https://puck.nether.net/mailman/listinfo/cisco-nsp
> >archive at http://puck.nether.net/pipermail/cisco-nsp/
> >

More information about the cisco-nsp mailing list