Dear all,
I plan to use NX-OS N9k such as C93148GC-FXP and C93180YC-EX. (not ACI)
I have a concern Processing order of traffic when using NAT
Please look at follouwing URL.
IOS NAT Order of Operation is Listed.
[NAT Order of Operation]
https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/6209-5.html
Inside-to-Outside Outside-to-Inside
- If IPSec then check input access list
- decryption - for CET (Cisco Encryption Technology) or IPSec
- check input access list
- check input rate limits
- input accounting
- redirect to web cache
- policy routing
- routing
- NAT inside to outside (local to global translation)
- crypto (check map and mark for encryption)
- check output access list
- inspect (Context-based Access Control (CBAC))
- TCP intercept
- encryption
- Queueing
| - If IPSec then check input access list
- decryption - for CET or IPSec
- check input access list
- check input rate limits
- input accounting
- redirect to web cache
- NAT outside to inside (global to local translation)
- policy routing
- routing
- crypto (check map and mark for encryption)
- check output access list
- inspect CBAC
- TCP intercept
- encryption
- Queueing
|
Even if NX-OS, Is the packet processing order same?
Best Regards,
Ryunosuke Hayashi