Re: [c-nsp] NAT logging ASR1k
You wanna see the juniper configs for your ASR1006? Not sure why we didn't use netflow. I guess because syslog worked and that's where the docs led me Aaron > On Jul 9, 2018, at 2:52 AM, Ring Bit wrote: > > Hi Aaron, > > Could you post the nat configs? > > Why not use Netflow? > > Thanks. > T. > >> Sent: Sunday, July 08, 2018 at 10:14 PM >> From: "Aaron Gould" >> To: ring...@mail.com >> Cc: cisco-nsp@puck.nether.net >> Subject: Re: [c-nsp] NAT logging ASR1k >> >> Bulk logging and port block allocation (PBA)? >> >> https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/nat-xe-3s-book/iadnat-bpa.html >> >> I do PBA in groups of 100 ports on my CGNAT deployment (juniper) and use >> syslog to log. Using port block allocation caused the syslogging to slow >> down significantly >> >> Aaron >> >>> On Jul 8, 2018, at 10:12 AM, ring...@mail.com wrote: >>> >>> Hi everybody, >>> >>> Have an ASR 1006 doing NAT translations, it is having around 300k+ and >>> wanted to ask for a recommendation about logging those NAT translations. >>> >>> Tried it with a collector via Netflow v9 with the export command "ip nat >>> log translationsflow-export v9 udp destination" command the CPU spiked to >>> 100%. >>> >>> Is there a recommendation as a workaround or have alternative solution >>> which is easy on resources to those massive NAT translations? >>> >>> Thanks, >>> T. >>> ___ >>> cisco-nsp mailing list cisco-nsp@puck.nether.net >>> https://puck.nether.net/mailman/listinfo/cisco-nsp >>> archive at http://puck.nether.net/pipermail/cisco-nsp/ >> >> ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] NAT logging ASR1k
Hi Patrick, I'm interested about the config you are using. T. > Sent: Monday, July 09, 2018 at 12:46 AM > From: "Patrick Cole" > To: ring...@mail.com > Cc: cisco-nsp@puck.nether.net > Subject: Re: [c-nsp] NAT logging ASR1k > > T, > > We are having around 200-300k non-CGNAT translations on ASR1001-X and using > Netflow Event > Logging. The CPU on average is less than 20%. > > Regards, > > Patrick > > Sun, Jul 08, 2018 at 05:12:29PM +0200, ring...@mail.com wrote: > > > Hi everybody, > > > > Have an ASR 1006 doing NAT translations, it is having around 300k+ and > > wanted to ask for a recommendation about logging those NAT translations. > > > > Tried it with a collector via Netflow v9 with the export command "ip nat > > log translationsflow-export v9 udp destination" command the CPU spiked to > > 100%. > > > > Is there a recommendation as a workaround or have alternative solution > > which is easy on resources to those massive NAT translations? > > > > Thanks, > > T. > > ___ > > cisco-nsp mailing list cisco-nsp@puck.nether.net > > https://puck.nether.net/mailman/listinfo/cisco-nsp > > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] NAT logging ASR1k
Hi Aaron, Could you post the nat configs? Why not use Netflow? Thanks. T. > Sent: Sunday, July 08, 2018 at 10:14 PM > From: "Aaron Gould" > To: ring...@mail.com > Cc: cisco-nsp@puck.nether.net > Subject: Re: [c-nsp] NAT logging ASR1k > > Bulk logging and port block allocation (PBA)? > > https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/nat-xe-3s-book/iadnat-bpa.html > > I do PBA in groups of 100 ports on my CGNAT deployment (juniper) and use > syslog to log. Using port block allocation caused the syslogging to slow > down significantly > > Aaron > > > On Jul 8, 2018, at 10:12 AM, ring...@mail.com wrote: > > > > Hi everybody, > > > > Have an ASR 1006 doing NAT translations, it is having around 300k+ and > > wanted to ask for a recommendation about logging those NAT translations. > > > > Tried it with a collector via Netflow v9 with the export command "ip nat > > log translationsflow-export v9 udp destination" command the CPU spiked to > > 100%. > > > > Is there a recommendation as a workaround or have alternative solution > > which is easy on resources to those massive NAT translations? > > > > Thanks, > > T. > > ___ > > cisco-nsp mailing list cisco-nsp@puck.nether.net > > https://puck.nether.net/mailman/listinfo/cisco-nsp > > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] NAT logging ASR1k
T, We are having around 200-300k non-CGNAT translations on ASR1001-X and using Netflow Event Logging. The CPU on average is less than 20%. Regards, Patrick Sun, Jul 08, 2018 at 05:12:29PM +0200, ring...@mail.com wrote: > Hi everybody, > > Have an ASR 1006 doing NAT translations, it is having around 300k+ and > wanted to ask for a recommendation about logging those NAT translations. > > Tried it with a collector via Netflow v9 with the export command "ip nat log > translationsflow-export v9 udp destination" command the CPU spiked to 100%. > > Is there a recommendation as a workaround or have alternative solution which > is easy on resources to those massive NAT translations? > > Thanks, > T. > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] NAT logging ASR1k
Bulk logging and port block allocation (PBA)? https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/nat-xe-3s-book/iadnat-bpa.html I do PBA in groups of 100 ports on my CGNAT deployment (juniper) and use syslog to log. Using port block allocation caused the syslogging to slow down significantly Aaron > On Jul 8, 2018, at 10:12 AM, ring...@mail.com wrote: > > Hi everybody, > > Have an ASR 1006 doing NAT translations, it is having around 300k+ and > wanted to ask for a recommendation about logging those NAT translations. > > Tried it with a collector via Netflow v9 with the export command "ip nat log > translationsflow-export v9 udp destination" command the CPU spiked to 100%. > > Is there a recommendation as a workaround or have alternative solution which > is easy on resources to those massive NAT translations? > > Thanks, > T. > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] NAT logging ASR1k
Hi everybody, Have an ASR 1006 doing NAT translations, it is having around 300k+ and wanted to ask for a recommendation about logging those NAT translations. Tried it with a collector via Netflow v9 with the export command "ip nat log translationsflow-export v9 udp destination" command the CPU spiked to 100%. Is there a recommendation as a workaround or have alternative solution which is easy on resources to those massive NAT translations? Thanks, T. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
