the 1072 has 72 cores. We have a 1036 (36 core) doing NAT for over a
thousand LTE+Wimax customers. CPU usage is like 30%. The "firewall" and
"networking" processes account for most of the usage.
We could extrapolate that to say a 1072 could maybe 4,000 with 60% CPU
usage.....just a guess obviously. There's nothing to say it would scale
linearly.
------ Original Message ------
From: "Chuck McCown" <[email protected]>
To: [email protected]
Sent: 1/15/2018 2:07:39 PM
Subject: Re: [AFMUG] IPv4 exhaust again
Wonder how heavy we can load that... I would want it to be able to
handle 8000 connections.
From:Steve Jones
Sent: Monday, January 15, 2018 12:05 PM
To:[email protected]
Subject: Re: [AFMUG] IPv4 exhaust again
ccr1072
On Mon, Jan 15, 2018 at 12:59 PM, Chuck McCown <[email protected]> wrote:
What are you using? Router NAT or a server or ?
From:Steve Jones
Sent: Monday, January 15, 2018 11:48 AM
To:[email protected]
Subject: Re: [AFMUG] IPv4 exhaust again
Im not going to lie, we are natting at 1:300 across a handful of
publics and have little to no issue, though we really should since the
customer router double NATs
On Mon, Jan 15, 2018 at 12:39 PM, Chuck McCown <[email protected]>
wrote:
I need to have about /19 worth of customers natted to as few V4s as
is needed to make it work properly.
We currently have about 3 /21s I think. Don’t want to have to buy a
fourth.
From:Dennis Burgess
Sent: Monday, January 15, 2018 11:34 AM
To:[email protected]
Subject: Re: [AFMUG] IPv4 exhaust again
Mikrotik can do that, I have a router with 20k NAT rules natting two
/21s to less than 254 ips .:)
Dennis Burgess – Network Solution Engineer – Consultant
MikroTik Certified Trainer/Consultant
<http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5> –
MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE
For Wireless Hardware/Routers visit www.linktechs.net
Radio Frequency Coverages: www.towercoverage.com
Office: 314-735-0270 <tel:(314)%20735-0270>
E-Mail: [email protected]
From: Af [mailto:[email protected]] On Behalf Of George Skorup
Sent: Monday, January 15, 2018 12:28 PM
To:[email protected]
Subject: Re: [AFMUG] IPv4 exhaust again
Dual-stack and CGN? You can get 8:1, 16:1 or even 32:1 out of a
single public IPv4 address. Give 8 customers 8k ports each, or 16
customer 4k ports each, 32 customers 2k ports each. That's *source*
ports, so they're not limited to 8k, 4k or 2k connections total. You
have to look at in both directions. 10.10.10.10:1024 -> 8.8.8.8:53
and 10.10.10.10:1024 -> 8.8.4.4:53 mappings are both valid, and it
obviously goes a lot deeper than that.
Seems to be a whole lot easier than some crazy NAT appliance that's
running the whole network. I haven't done anything like this, but I'm
considering it. I think Juniper even lets you do this with a couple
commands? Yeah, I'm too cheap for that.
Something else to keep in mind is that most consumer grade routers
still have a fairly limited connection table. My Cambium cnPilot
router I have at home lets you adjust the max table size (up to
8192). Most are 2k or 4k. While even a low-end MikroTik will give you
>100k.
On 1/15/2018 11:35 AM, Chuck McCown wrote:
Planning to buy another /21 or some such thing .... again ......
�
So going to attempt to NAT the whole frigging company.
�
Seems like I am going in reverse here.
�
If we can make NAT work for most customers, then that will buy us
time to build our magic V4 translator gateway box for a V6 only
network.�
�
Any suggestions on the best way to do this?
