PIX Xlate

Unanswered Question
Jan 28th, 2010

Hi,

Currenltly we are using static NAT entry more than 400 entries can i know how much xlate entry can PIX support

is there will any issue with the CPU or memory

Free memory:        88561736 bytes (66%)
Used memory:        45655992 bytes (34%)
-------------     ----------------
Total memory:      134217728 bytes (100%)

CPU load is 20 %

model : Hardware:   PIX-515E, 128 MB RAM, CPU Pentium II 433 MHz
Flash 16MB
BIOS  32KB

is this normal ?

kindly advice

thanks in advance

vinu

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vilaxmi Thu, 01/28/2010 - 08:14

Hello,

Depending on platform of PIX, there can be different upperbound limit for # of XLATE entries that the hardware can support.

For a PIX 515E 400 NAT entries should not be much of a problem and 20% memory usage is also quite normal at high usage I have seen memor rise upto 90 % and above. Normal memeory usage for your firewall  is around 70-80 %. And usually firewalls can support around 10s of 10000s of NAT/ACL entries. There may have been stress testing done for getting the exact number , but I guess there is no document to testify the figures (datasheets may help)..

Thanks,

Vijaya

Actions

This Discussion