04-11-2008 11:41 AM - edited 03-05-2019 10:21 PM
Hi,
I can't test this out, right now. I was hoping someone here knew the answer. :)
I was wondering is there a significant performance impact of putting "ip nat inside" on a 6500 interface. Assume CEF is on. Is all non-nat/nat traffic over the interface CEF switched? Or maybe I should phrase the question as, "Does ip nat inside cause any additional burden (ie process switching, etc..)
By the way, it is using a Sup720-3bxl.
Thanks.
04-12-2008 05:43 AM
It should affect performance as it's handled in hardware.
Per:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00804916e0.shtml
"With Network Address Translation (NAT), traffic is handled in this way:
*
On the Supervisor Engine 720:
Traffic that requires NAT is handled in hardware after the initial translation. Translation of the first packet of a flow occurs in software, and subsequent packets for that flow are hardware-switched. For TCP packets, a hardware shortcut is created in the NetFlow table after completion of the TCP three-way handshake."
02-08-2010 08:29 AM
Has anyone put this to the test? Any real-world numbers of the impact to PPS performance?
02-08-2010 10:58 AM
It's not very common to see NAT running on a 6500, but I did see it in a Research Lab a few years ago. They had a SUP720 w/ IOS 12.2.18(SXD7). I didn't see any performance issues, but they were only pushing a couple hundred mbps.
The only really funky thing I did see, though, is once there were over 100 inside local IPs in the table, ICMP traffic would start intermittently failing. This was almost certainly an IOS bug, but never got a firm confirmation of that.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide