PIX Xlate

Unanswered Question
Jan 28th, 2010
User Badges:

Hi,


Currenltly we are using static NAT entry more than 400 entries can i know how much xlate entry can PIX support


is there will any issue with the CPU or memory


Free memory:        88561736 bytes (66%)
Used memory:        45655992 bytes (34%)
-------------     ----------------
Total memory:      134217728 bytes (100%)


CPU load is 20 %


model : Hardware:   PIX-515E, 128 MB RAM, CPU Pentium II 433 MHz
Flash 16MB
BIOS  32KB


is this normal ?


kindly advice


thanks in advance

vinu

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vilaxmi Thu, 01/28/2010 - 08:14
User Badges:
  • Cisco Employee,

Hello,


Depending on platform of PIX, there can be different upperbound limit for # of XLATE entries that the hardware can support.

For a PIX 515E 400 NAT entries should not be much of a problem and 20% memory usage is also quite normal at high usage I have seen memor rise upto 90 % and above. Normal memeory usage for your firewall  is around 70-80 %. And usually firewalls can support around 10s of 10000s of NAT/ACL entries. There may have been stress testing done for getting the exact number , but I guess there is no document to testify the figures (datasheets may help)..


Thanks,


Vijaya

Actions

This Discussion