High CPU & NAT

a-mcdougall · ‎05-24-2004

Hi,

We've deployed a couple of 2600s at the edge of our network and are using NAT overload to hide our internal addresses from a 3rd party. I am surprised that 2-3 sessions peaking at around 1.5 Mbps/2K PPS is causing CPU to reach 90% peaks. We're using a 2610 XM with 12.2(17b).

I know that all traffic to the router is process switched, from which I deduce that if I use NAT overload, all the overload traffic will be process switched.

I have a few questions:

1. Is my assumption correct (overload = process switched)?

2. Would using any other NAT configuration be more efficient from a CPU perspective, or is all NAT traffic process switched?

3. Is any of this likely to change in future IOS releases?

Thanks.

Georg Pauwen · ‎05-24-2004

Hello,

AFAIK, Cisco IOS NAT supports Cisco Express Forwarding (CEF) switching, Fast switching, and Process switching, wether you use overloading or any other form of address translation. Have you tried to turn on CEF ?

Regards,

GP

a-mcdougall · ‎05-24-2004

Yes, CEF is on on the router.

olorunloba · ‎05-24-2004

Try to do a show processes cpu and find the process taking a lot of cpu cycles.

From my experience though, a rate of 2kpps of traffic being natted across a 2600 router is bound to cause high cpu utilisation.

tbaranski · ‎05-24-2004

In addition to "show process cpu", the commands "show interface switching" and "show cef not-cef-switched" may provide some clues.

wujames5 · ‎05-24-2004

Hi:

I suggest if your can that change 2600xm to 37ser,because 37 handle nat will be better than 26. Eventhought you change the higher ios or adding the memory,2600 still is 2600 that not a level with 37. If you want to see devices` detail check the cisco`s website.