[c-nsp] 2821 NAT Limitations

Dan Letkeman danletkeman at gmail.com
Thu Oct 14 11:19:36 EDT 2010


I'm pushing about 30mbit, but we have a content filter that everyone
is force to go through, which essentially doubles the nat entries on
the router (it's just the way it works).

Would we be better off getting two 5510's? and load balancing?

Dan.

On Thu, Oct 14, 2010 at 8:44 AM, Ryan West <rwest at zyedge.com> wrote:
> Dan,
>
>>-----Original Message-----
>>From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dan Letkeman
>>Sent: Thursday, October 14, 2010 9:26 AM
>>To: rodunn at cisco.com
>>Cc: cisco-nsp at puck.nether.net
>>Subject: Re: [c-nsp] 2821 NAT Limitations
>>
>>I'll look into getting an ASA.  My graphs show about 40000 nat translations at the time the router had issues, would an ASA5510 be the right choice or would you go with a 5520?
>
>>Dan.
>
> Probably want to consider the 5520, the 5510 would require the security plus license to reach over 50k sessions (130k) and support HA.   The 5520 will do 280k sessions and supports HA with no additional licensing.  How much throughput are you pushing through the 2821?
>
> -ryan
>



More information about the cisco-nsp mailing list