RE: NAt oh NAT

From: Imo Etuk (ietuk@comcast.net)
Date: Sat Sep 21 2002 - 01:16:08 GMT-3

• Next message: Larry Letterman: "RE: Jake's PS note... TFTPing to a switch over console"
• Previous message: Peter van Oene: "RE: OSPF area ID (big fight at work)"
• Maybe in reply to: IMO ETUK: "NAt oh NAT"
• Next in thread: Jay Hennigan: "RE: NAt oh NAT"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Chuck,

MSFC II
CEF is enabled - don't know why the CPU utilization is so high. CPU

PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
  53 36467656 24301656 1500 4.48% 3.95% 3.06% 0 IP Input
  13 2666024 1789255 1490 1.04% 1.76% 1.52% 0 ARP Input
  63 726712 228837 3175 0.57% 0.34% 0.36% 0 CEF process
  41 188244 5137910 36 0.24% 0.10% 0.11% 0 IP NAT Ager

Funny enough, IP Nat is running only at 0.36%, the IP input seems like a
winner at 3.06%

Thanks,

Imo

Warning : The information contained in this message may be privileged and
confidential and protected from disclosure. If the reader of this message is
not the intended recipient, you are hereby notified that any dissemination,
distribution or copying of this communication is strictly prohibited. If you
have received this communication in error, please notify the sender
immediately by replying to this message and then delete it from your
computer.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Chuck Church
Sent: Friday, September 20, 2002 3:56 PM
To: 'IMO ETUK'; 'ccielab@groupstudy.com'
Subject: RE: NAt oh NAT

Imo,

        What version are you running on the MSFC? Is it an MSFC 1 or 2? Is
CEF enabled and running correctly? I though NAT could be fast switched.
What does your 'sh proc cpu' show as the offending process? Or is it
interrupts?

Chuck Church
CCIE #8776, MCNE, MCSE
Sr. Network Engineer
Magnacom Technologies
140 N. Rt. 303
Valley Cottage, NY 10989
845-267-4000

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
IMO ETUK
Sent: Friday, September 20, 2002 4:40 PM
To: ccielab@groupstudy.com
Subject: NAt oh NAT

Hi all,

I seem to be having problems with a NAT config. Currently NAT is
configured on a 6506 which is running native IOS. I have 4,000 users
natted to 13 IPs and my processor utilization is not too happy about
this, its sitting at 80& util now.

I have tried tweaking timers and such on NAT but no dice. Is there any
thing else that i can do to aleviate the cpu utilization?

Here are my timers

 ip nat translation timeout 180
 ip nat translation tcp-timeout 300
 ip nat translation udp-timeout 30
 ip nat translation finrst-timeout 15
 ip nat translation dns-timeout 15

------------

Here is my NAT config - some of it

ip nat pool nat_router xx.xx.xx.11 xx.xx.xx.23 prefix-length 26
ip nat inside source list 99 pool nat_router overload
access-list 99 permit a.b.0.0 0.0.255.255

where a and b are private IPs :)
the xx.xx are publics :)

So i have 13 VLANs going to the pool nat_router.

Any thoughts?

Thanks

Imo

• Next message: Larry Letterman: "RE: Jake's PS note... TFTPing to a switch over console"
• Previous message: Peter van Oene: "RE: OSPF area ID (big fight at work)"
• Maybe in reply to: IMO ETUK: "NAt oh NAT"
• Next in thread: Jay Hennigan: "RE: NAt oh NAT"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:43:58 GMT-3