[c-nsp] ASR9k for large scale NAT?

Mike Bushard mike.bushard at arvig.com
Mon Mar 5 17:28:40 EST 2012


If you're not at 4Gig RAM already go that route. The newer IOS-XE trains
with 2 BGP peers put 90%+. We went to 4GB ram with latest IOS, 2 upstream
BGP peers with full tables and 2 downstream peers, and 4,000+ NAT entries
(Long story, don't ask. Migrating them out as fast as we can) and sit at
about 35% according to Orion NPM.

Mike Bushard, Jr
| Network Engineer IV
| Arvig


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Nick Hilliard
Sent: Monday, March 05, 2012 4:19 PM
To: David Farje
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] ASR9k for large scale NAT?

On 05/03/2012 21:44, David Farje wrote:
> Hi,
>
> We currently have ASR 1006 with RP1 and ESP20, but it is running some
> things that are killing the memory.
> 1. Full internet routing table from 3 peers.
> 2. NAT
> 3. NAT logging via Netflow

not surprised it's bombing out on memory.  You could separate out the NAT
functionality from the transit router functionality here - e.g. 1 or more
routers acting as transit routers and then a NAT layer between that and
your customers.  That would certainly give you lots of breathing room.
You could also put more DRAM into the ASR1k - the RP1 will take up to 4G.
Alternatively, you could upgrade to an RP2 and bump the RAM up to 16G.

I.e. lots of options without having to go to the expense of an asr9k.

Nick

> We are a small-to-medium sized ISP and we are looking for a cheap way
> to support many NAT translations.
> I would like to know if ASR9k can support NAT, but without the ISM
> module that offers CGN (carrier grade nat) but it's too much, and too
> expensive.
>
> Or maybe other solutions?
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list