[c-nsp] ASR9k for large scale NAT?

[Chuck Church]

I'm curious what the default NAT timeouts for IOS-XE are.  A lot of the
normal IOS ones are 24 hours, which is WAY too long for dynamic large scale
use.  An hour is much more reasonable. 

Chuck

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Nick Hilliard
Sent: Monday, March 05, 2012 5:19 PM
To: David Farje
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] ASR9k for large scale NAT?

On 05/03/2012 21:44, David Farje wrote:
> Hi,
> 
> We currently have ASR 1006 with RP1 and ESP20, but it is running some 
> things that are killing the memory.
> 1. Full internet routing table from 3 peers.
> 2. NAT
> 3. NAT logging via Netflow

not surprised it's bombing out on memory.  You could separate out the NAT
functionality from the transit router functionality here - e.g. 1 or more
routers acting as transit routers and then a NAT layer between that and your
customers.  That would certainly give you lots of breathing room.  You could
also put more DRAM into the ASR1k - the RP1 will take up to 4G.
Alternatively, you could upgrade to an RP2 and bump the RAM up to 16G.

I.e. lots of options without having to go to the expense of an asr9k.

Nick

> We are a small-to-medium sized ISP and we are looking for a cheap way 
> to support many NAT translations.
> I would like to know if ASR9k can support NAT, but without the ISM 
> module that offers CGN (carrier grade nat) but it's too much, and too 
> expensive.
> 
> Or maybe other solutions?
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/