[c-nsp] ASR9006 - CG NAT - VSM-500

Aaron aaron1 at gvtc.com
Fri Nov 6 11:43:13 EST 2015 

Q/Pshem/Aftab, et al, 

I think what I'm asking is that I want to ensure that I can do something that I guess would be termed PE-CGN... borrowing and combining the terms CGN (ios xr term I guess) and PE NAT (vrf aware, ios term I guess).  PE-CGN I guess meaning CGN integration with MPLS L3VPN

So basically, I would want my asr9k mpls pe which is sitting on my internet boundary (mpls side is inside towards *my* mpls cloud) to house the vsm cgn module and do nat there.  So I think I would be disposing of labels hopefully before the nat inside of vsm, and in the reverse direction, imposing labels after the nat inside of the vsm

Aaron


-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Aaron
Sent: Thursday, November 05, 2015 9:28 PM
To: 'Pshem Kowalczyk'; cisco-nsp at puck.nether.net; 'Aftab Siddiqui'
Subject: Re: [c-nsp] ASR9006 - CG NAT - VSM-500

Thanks Pshem and Aftab, I will be glad to share my findings later with you all and the community.

 

Aftab, I looked over your notes and I see you show 3 examples… 

1 – vrf inside and default/core vrf outside

2 – vrf inside and vrf outside

3 – ABF (acl based forwarding)

 

But please tell me how you think my scenario would be config’d.  My scenario is mpls default/core vrf inside, and vrf outside.  I’m guessing that it’s the opposite of your example #1, but just wanted to ask you what you think.

 

Aaron

 

 

From: Pshem Kowalczyk [mailto:pshem.k at gmail.com]
Sent: Thursday, November 05, 2015 7:58 PM
To: Aaron; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] ASR9006 - CG NAT - VSM-500

 

Hi,

 

We use the previous non-virtualised cards (ISM-100) in our 9Ks. The experience has been generally positive. The configuration is quite simple and the cards work well.

Do spend some time analysing various limitations of the card (pool sizes, throughput per ServiceApp pair, allowed bulk allocation sizes (if you plan on bulk allocation)).

 

I'm interested in knowing the results of your tests, as we're told by the BU that if we want more throughput we'll have to go to VSM anyway.

 

kind regards

Pshem

 

 

On Fri, 6 Nov 2015 at 06:24 Aaron <aaron1 at gvtc.com> wrote:

Hi Group,



I'm going to test Nat on my ASR9006 in my lab using the RSP440-TR and the VSM-500.



Looking for any links to information or experience you all might have on how to get going on this.



I'm looking for this to be implemented at my internet boundary ASR9k so I will test it like that in the lab.



My asr9k at my internet boundary is the PE Edge of my mpls l3vpn's internal to my network, so the nat would need to work like that.  The asr9k internet connection is PE-CE bgp, native ip connection put into my internet vrf for my internal customer vrf.  Same vrf.



Aaron



_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list