nanog mailing list archives
RE: NAT444 or ?
From: "Dan Wing" <dwing () cisco com>
Date: Thu, 8 Sep 2011 10:10:24 -0700
-----Original Message-----
From: Simon Perreault [mailto:simon.perreault () viagenie ca]
Sent: Wednesday, September 07, 2011 2:29 PM
To: nanog () nanog org
Subject: Re: NAT444 or ?

David Israel wrote, on 09/07/2011 04:21 PM:

In theory, this particular performance problem should only arise when the NAT gear insists on a unique port per session (which is common, but unnecessary)

What you're describing is known as "endpoint-independent mapping" behaviour. It is good for not breaking applications, not so good for scalability. RFC 4787 section 4.1 makes it a MUST.

There are two dimensions of that scalability, of course:

Endpoint-independent mapping means better scaling of the NAT itself, because it stores less state (slightly less memory for each active mapping and slightly less per-packet processing). This savings is exchanged for worse IPv4 utilization -- which I agree is not so good for scalability.

-d
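The trade-off discussed in this message, as an added example that is not part of the original post: a small model of a NAT with one external IPv4 address, comparing endpoint-independent mapping against address-and-port-dependent mapping (both terms from RFC 4787). The flow list, the port pool start and the function names are constructed for illustration, and only mapping entries are counted, not any filtering state a real NAT keeps.

```python
from collections import defaultdict

PORT_BASE = 1024  # assumed start of the external port pool (single external IP)

# Constructed sample flows: (internal IP, internal port, destination IP, destination port)
FLOWS = (
    # one UDP socket talking to four peers
    [("10.0.0.1", 5000, f"203.0.113.{i}", 3478) for i in range(1, 5)]
    # six sockets, each connecting to a different server
    + [("10.0.0.2", 40000 + i, f"198.51.100.{10 + i}", 443) for i in range(6)]
    # two sockets connecting to a server that 10.0.0.2 also uses
    + [("10.0.0.3", 50000 + i, "198.51.100.10", 443) for i in range(2)]
)

def eim(flows):
    """Endpoint-independent mapping: one entry and one external port per
    internal socket, whatever destinations it talks to.
    Returns (mapping entries, external ports consumed)."""
    table = {}
    for int_ip, int_port, _dst_ip, _dst_port in flows:
        key = (int_ip, int_port)
        if key not in table:
            table[key] = PORT_BASE + len(table)
    return len(table), len(set(table.values()))

def edm(flows):
    """Address-and-port-dependent mapping: one entry per flow; an external
    port only has to be unique per destination, so it is reused across
    different destinations.
    Returns (mapping entries, external ports consumed)."""
    table = {}
    busy = defaultdict(set)  # destination -> external ports in use toward it
    for flow in flows:
        if flow in table:
            continue
        dst = flow[2:]
        port = PORT_BASE
        while port in busy[dst]:
            port += 1
        busy[dst].add(port)
        table[flow] = port
    return len(table), len(set(table.values()))

if __name__ == "__main__":
    print("EIM (entries, ports):", eim(FLOWS))
    print("EDM (entries, ports):", edm(FLOWS))
```

On this sample, endpoint-independent mapping keeps fewer entries but consumes one external port per internal socket, while the destination-dependent NAT keeps one entry per flow and gets by with as many ports as the busiest destination needs.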