cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
394
Views
0
Helpful
6
Replies

Which one can make NAT translation better, 6509 or 7206?

yuzuohong
Level 1
Level 1

Hi all,

We are some kind of little ISP. Our network structure can be simply

described as following.

==========================================================

Clients(10.*.*.*/16)--->Cisco6509(10.0.0.1/16 and 100.0.0.1/252)

--->Cisco7206(100.0.0.2/252 and 200.0.0.1/252)--->

Huge ISP(200.0.0.2/252)

==========================================================

10.*.*.*/16 is our Client-Network.

100.0.0.*/252 and 200.0.0.*/252 both represent our Formal Internet IP

addresses.

As you know, I need to select a place to make the NAT settings for our

clients' 10.*.*.*/16 IP addresses,6509 or 7206?.

FYI: We will make more than 90,000 simultaneous NAT translations.

Please give me some guide.

Thank you in advance.

zuohong

6 Replies 6

vmiller
Level 7
Level 7

I would chose the 7206. Its the touchpoint between the outside and the inside

network. I did a quick look at the IOS for 6500 and did not find any NAT support.

Thats not to say its not there.

I would strongly suggest that you look at a high end PIX for your address translation needs. Its purpose built for that function.

good luck and happy new year

Here are some info that might help:

On the Catalyst 6500, the Content Switching Module (CSM) provides

up to 4Gbps of wire-rate NAT functionality.

I have read a Cisco docu that says NAT is available on the MSFC.

(if you are using Hybrid OS)

It would be better if you could check the performance of your

6500 and 7200 (e.g., memory and cpu resources) prior to

implementing the NAT functionality or any other feature.

So if you're going to use the 7206 for NAT, you have to check for

enough available DRAM as NAT uses router DRAM resources.

You might also be using BGP in your 7206 that might be eating up

half of the DRAM.

Hi,

I took a look at the performance of 6509 and 7206 (only static route running).

---------------------------------------------------------------------------------

*6509*--switch

Memory Used: 7488080

Free: 51039344

Total: 58527424

CPU utilization for five seconds: 1.56%

one minute: 1.08%

five minutes: 1.02%

*6509*--routing

MEM: Total: 89144448, Used: 12944208, Free: 76200240

CPU utilization for five seconds: 0%/0%; one minute: 0%; five minutes: 0%

====================

*7206*

MEM: Total: 80923328, Used: 15966964, Free: 64956364

CPU utilization for five seconds: 30%/29%; one minute: 32%; five minutes: 32%

----------------------------------------------------------------------------------------------

It seems that 6509 is working at a much more idle status than 7206 is.

So, should I put our NAT on the 6509?

zuohong

Based on experience, I typically see and use NAT on the router facing the

Internet (or ISP) as this router typically has the inside and outside interfaces.

But I have seen some that have used NAT on a router separate from the

gateway (or Core) router. This router is typically connected between the

network to be translated and the gateway.

For your setup, I might implement NAT on the 6509 but I will

have to check some info from CCO with this kind of setup.

(There might be bugs/caveats that might affect the switch

performance with this kind of implementation)

So for your question:

"So, should I put our NAT on the 6509?"

The switch usually has a low CPU process because it handles

switching via Hardware unlike the router which uses Software

that eats up CPU resources. So I cannot firmly say that you

try using the 6509. I don't have much info about NAT usage

on the 6509 so I suggest you try reading some Release notes

specifically for the version you are using.

I can help you a little bit if you could post some info about your devices:

- Cat6509 IOS version (if you're using Native IOS)

- CatOS version and MSFC IOS version (if you're using Hybrid OS)

- 7206 IOS version (you can include the feature set)

then I'll try to read some info (e.g., Release notes) from CCO and probably

I can give you points that might help.

Goodluck!

What type of NPE in the 7206 and is it a VXR model?

In http://www.cisco.com/warp/public/63/ts_codred_worm.shtml they say that on the NPE-300 it can handle 20,000 - 40,000 NAT translations before it has a meltdown. NPE-300 is a 262 Mhz processor.

Hi,

Thank you for your suggestions. Here's some information about 6509 and 7206.

------------------------------------------------------------------------------------------

6509:

IOS (tm) MSFC2 Software (C6MSFC2-PSV-M), Version 12.1(13)E, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

cisco Cat6k-MSFC2 (R7000) processor with 114688K/16384K bytes of memory.

Processor board ID SAL06334LF7

R7000 CPU at 300Mhz, Implementation 39, Rev 3.3, 256KB L2, 1024KB L3 Cache

7206:

IOS (tm) 7200 Software (C7200-IS-M), Version 12.2(2)T, RELEASE SOFTWARE (fc1)

cisco 7206VXR (NSE-1) processor (revision A) with 114688K/16384K bytes of memory.

Processor board ID 25751872

R7000 CPU at 262Mhz, Implementation 39, Rev 2.1, 256KB L2, 2000KB L3 Cache

6 slot VXR midplane, Version 2.3

-----------------------------------------------------------------------------------------------------

Any help will be appreciated.

zuohong

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: