[c-nsp] WARNING: Netflow Data Export & Hardware assisted NAT not supported on 76xx/65xx on the same interface

[Simon Leinen]

Matthew Huff writes:
> I would understand the limitation if I was using some unusual feature
> or using them in some unusual way. However, the marketing literature
> for the RSP720 mentions supporting hardware-assisted NAT, and netflow
> collection.

Right.  Your mistake, and it's an easy one to make, was to assume that
both features would naturally coexist.

In general, features don't compose in this way.  This is not unique to
Cisco, but they may be worse than others in this respect.

In many cases there are technical reasons that can explain why features
don't coexist well.  For example regarding NAT and NDE on the PFC3: They
both use the same hardware Netfow table, but it has to be managed
somewhat differently, as Gerd mentioned.  It would probably be possible
to make them coexist, but that would require work (coding, testing etc).

Cisco being Cisco, one can expect that they would explicitly tell you if
they had done that work, for example by advertising a feature called
"NDE for hardware-NATted flows" or something like that.

In short: Never assume that two features work together until you tried
it in the lab or got credible evidence from somewhere that they do.
Such evidence can come from people within Cisco (e.g. TMEs), well-paid
consultants, or from the community.  (Fortunately for you there are
places like cisco-nsp with the purpose to help small financial-services
institutions avoid paying expensive consultants! ;-)
-- 
Simon.