[j-nsp] NAT without AS PIC

Stefan Fouant sfouant at gmail.com
Thu Aug 7 13:53:59 EDT 2008


On Thu, Aug 7, 2008 at 1:36 PM, Rubens Kuhl Jr. <rubensk at gmail.com> wrote:
> On Thu, Aug 7, 2008 at 2:01 PM, Brandon Bennett <bennetb at gmail.com> wrote:
>>> On the 7600 and the ASR1000, is that hardware accelerated NAT a
>>> default option, or are those add-on features?
>>
>> On both the 7600 and the ASR it is in the base images and ready to
>> just configure.  Crazy for Cisco, I know.  You'd think they'd milk
>> another license out of you somewhere. :)
>
> That doesn't mean it's healthy to do  NAT, because every first packet
> of a flow will hit a slow CPU (unless you have brand new RSP720).
>
> The thing about Juniper is that they could give the decision to us,
> network engineers, whether to do NAT on the PowerPC at the board
> controller or the Intel at the routing engine is good or not on that
> scenario. Can this go wrong sometimes ? Sure, as could exception
> packets and flow exporting... there are controls to those, there could
> be a control on NAT pps rate... they could even not call that a
> feature: don't mention NAT on the product datasheet, just on the
> manuals.

They could... but then that would break their motto of "Performance
without Compromise".  Besides, it's a whole heckuva lot more lucrative
for them to sell us a PIC... which I really don't mind paying for, but
it sucks having to use valuable real estate on a router just to do
some fancy stuff on a packet.  What I really wish they would give us
is an FPC with an embedded AS Module, which would give all the PICs
homed to that FPC the ability to take advantage of its features and
still spare our valuable PIC Slot real estate.  Why haven't Juniper
marketing folks picked up on this yet is beyond me (unless of course
there are some technical limitations that I'm unaware of), certainly
folks would pay for this... I know I would ;)

-- 
Stefan Fouant
Principal Network Engineer
NeuStar, Inc. - http://www.neustar.biz
GPG Key ID: 0xB5E3803D


More information about the juniper-nsp mailing list