[rbak-nsp] Nat subscribers on SE400 from context to Internet

Jeff Crowe jeff at wtccommunications.ca
Fri Jan 21 15:51:15 EST 2011


Hi Rick,

 

We had about 500 Subs NAT'd on our SE400 for a while and didn't notice
any significant impact.  We also terminated > 1000 PPPoE subs inside
L2TP and another 400 or so subs on straight PPPoE all on the same box.

 

We did away from the NAT as fast as possible though and converted the
sub's to PPPoE for ease of management.  If any particular sub spammed or
caused issues it was very difficult to track them down to deal with the
virus/violation of policy.  With PPPoE we can easily identify them as
they use publically routable IP addresses.

 

Cheers

 

Jeff Crowe

 

 

From: redback-nsp-bounces at puck.nether.net
[mailto:redback-nsp-bounces at puck.nether.net] On Behalf Of Richard
Clayton
Sent: Friday, January 21, 2011 12:31 PM
To: redback-nsp at puck.nether.net
Subject: [rbak-nsp] Nat subscribers on SE400 from context to Internet

 

I suggested a solution where all dsl users terminating in a context
could be nat'd on the Redback SE400 as they exited the interface towards
the Internet, concerns were raised as to whether using this feature
could cause problems i.e. high cpu, the user base is around 500 but
could scale up to 1000 over the next couple of years, is nat'ing
subscribers in this way a valid solution or could it cause issues?

 

Thanks

Rick

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20110121/fd883491/attachment.html>


More information about the redback-nsp mailing list