Hello,

On our 6509-E+switchblades with sup720/pfc3 and CSM module we noticed a considerable cpu load like:

#show processes cpu sorted

CPU utilization for five seconds: 85%/81%; one minute: 82%; five minutes: 41%

after some research i'm able to reproduce it, and basically its:

when sending traffic through the vlans defined on the msfc with nat inside and nat outside it's reproducable.

when unconfiguring NAT the cpu load drops (in lab) to 0%/0%.

we're using nat pools just to fix a internal application/service on 1 IP.

it's configured like:

ip nat pool DMZ-193 1.1.1.1 1.1.1.1 netmask 255.255.255.224

ip nat inside source list DMZ-193 pool DMZ-193 overload

ip access-list extended DMZ-193

<snip>

where the 1.1.1.1 the external (example) source IP is where it's S-natted to.

With this "feature" i can't get a higher rate then about 130Mbit/s (msfc cpu bound)

Has any one an idea why this gets executed in software and not in hardware like what the docu says?

Any idea or workaround is welcome.

additional note: i reviewed document:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00804916e0.shtml

which gave good ideas, but no solution yet.

Regards,

Arjan Filius