CCR2216-1G-12XS-2XQ as 100G NAT device

Hello

I have a specific scenario in which I have to do NAT for /19 local IP addresses to a public address

Situation is quite simple;

A specific public IP will be statically routed to the MikroTik-side P2P LAN and then NATed over the MikroTik to the public IP.
(On the Cisco side, this VRF on the LAN side cannot have public access to the Internet)

The private range scope that will be routed/NATed is a /19, and every local IP will constantly use 10Mbps of unicast traffic (video CDN traffic) and have two TCP connections to the public IP.

The first connection is a registration channel, and the second connection is a "data channel" that will change every few minutes (when a chunk from the video CDN has downloaded); for a short amount of time (15-20 seconds) every local IP will have a maximum of 5 connections during the data chunk transition time.


Is it possible for the CCR2216-1G-12XS-2XQ to handle this situation?

Below is scenario, Option 1 and Option 2

https://pasteboard.co/yC2I8pSiu9X7.jpg

Will hardware L3 HW offloading be possible in both scenarios (because of the bundle configuration) to handle this situation?

What exactly is meant in the MikroTik YouTube video presentation on the CCR2216-1G-12XS-2XQ by "4.5K Fasttrack connections possible", and what are the "8K NAT entries"?

Thank you
Best regards

Hello xtornado

Even if it is technically right, I would not use the 2nd approach.

I always try to use symmetric bondings on devices that are inline to the traffic, to easily know the behaviour. I also try to have a redundant topology, not only having redundant components but also redundant paths.

You should carefully consider the bonding method and the ports used for it:
For example, following Option 2, if you use etherchannel + LACP (802.3ad), as you have too few source IP addresses (you do NAT before bonding) and you have a LACP of 8 ports, it is possible that traffic goes through only one port, so maybe you would be limited to only 25Gbps. With transmit-hash-policy layer3-and-layer4 you can minimize it, but it will not be 0.

If you have more segments on the internal side, maybe you can use more ports on that side using bonding with fewer drawbacks, if you have enough source and destination combinations (it will not work well, for example, if you have a storage array used by 8 servers, for the same reason that it will not work on the external side).

If it is possible for you, I would suggest you capture some traffic you usually have, replay it in a lab and see what the best configuration is for your environment.

The simplest way I see is to have two routers (to achieve redundancy), each using 100G connectors, with a VRRP configuration.

Best Regards,

Diego

Another thing to consider is that the CCR2216 supports up to 8k NAT entries in hardware offload, whereas there are 8k+ IPs in a /19, and you want 2 connections per IP, which means 16k+ NAT entries…

… So once you have to start processing in software, it may limit your ability to reach 100Gbps. This might be a situation best put to someone like a consultant, or to MikroTik support directly, to see if you can get their more knowledgeable people to answer whether they think the box is up to this task.

I think designing around equipment's top capacity is a bad idea.
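As an added example (not code from the original posts or from MikroTik), the following Python script puts numbers on two points raised above: Diego's warning that post-NAT traffic with a single public source IP can hash onto one bond member unless the transmit hash includes layer 4 ports, and the note that a /19 with two connections per IP already exceeds the quoted 8k hardware NAT entries. The bond hash is a simplified model in the style of the Linux bonding driver, not RouterOS's actual implementation; the MACs, IPs, the /19 used and the flow counts are constructed assumptions.

```python
"""Two capacity sanity checks for the thread's scenario (added example, not
from the original posts or from MikroTik):

1. NAT/conntrack entries a fully active /19 behind one public IP needs,
   compared with the 8k hardware-offload figure quoted in the thread.
2. How a bond's transmit hash spreads post-NAT traffic over its members.

The hash is a simplified model in the style of the Linux bonding driver
(layer2, layer2+3, layer3+4), NOT RouterOS's exact implementation.  All MACs,
IPs and flow counts below are constructed sample input."""
import ipaddress
import random

HW_NAT_ENTRIES = 8192  # hardware-offload NAT entry count quoted in the thread
PREFIX = ipaddress.ip_network("10.0.0.0/19")  # constructed stand-in for the OP's /19


def nat_entries_needed(prefix, steady_per_ip, peak_per_ip):
    """Return (steady, peak) entry counts assuming every address in the prefix is active."""
    hosts = prefix.num_addresses  # /19 -> 8192 addresses
    return hosts * steady_per_ip, hosts * peak_per_ip


def fits_in_hardware(entries):
    """True only if the whole table would fit in the quoted hardware NAT capacity."""
    return entries <= HW_NAT_ENTRIES


def _fold(h):
    # Linux-style final mixing before taking the member index.
    h &= 0xFFFFFFFF
    h ^= h >> 16
    h ^= h >> 8
    return h


def bond_member(flow, policy, members):
    """Pick the bond member index for one flow under a transmit-hash-policy."""
    src_mac, dst_mac, src_ip, dst_ip, sport, dport = flow
    if policy == "layer2":
        h = src_mac[-1] ^ dst_mac[-1]
    elif policy == "layer2-and-3":
        h = (src_mac[-1] ^ dst_mac[-1]) ^ int(src_ip) ^ int(dst_ip)
    elif policy == "layer3-and-4":
        h = ((sport << 16) | dport) ^ int(src_ip) ^ int(dst_ip)
    else:
        raise ValueError(policy)
    return _fold(h) % members


def simulate(flows, policy, members=8):
    """Count flows per member; index i is bond member i."""
    counts = [0] * members
    for flow in flows:
        counts[bond_member(flow, policy, members)] += 1
    return counts


def make_post_nat_flows(n, seed=7):
    """Flows as seen on the WAN-side bond after src-nat: one public source IP,
    one upstream gateway MAC, a couple of CDN destinations, random source ports."""
    rng = random.Random(seed)
    router_mac = bytes.fromhex("0c1122334455")   # constructed
    gateway_mac = bytes.fromhex("0c99aabbccdd")  # constructed
    public_ip = ipaddress.ip_address("198.51.100.10")  # constructed
    cdn_ips = [ipaddress.ip_address("203.0.113.5"),
               ipaddress.ip_address("203.0.113.6")]    # constructed
    return [(router_mac, gateway_mac, public_ip, rng.choice(cdn_ips),
             rng.randint(1024, 65535), 443) for _ in range(n)]


if __name__ == "__main__":
    steady, peak = nat_entries_needed(PREFIX, steady_per_ip=2, peak_per_ip=5)
    print(f"steady {steady} entries, peak {peak}; steady fits in HW: {fits_in_hardware(steady)}")
    flows = make_post_nat_flows(10000)
    for policy in ("layer2", "layer2-and-3", "layer3-and-4"):
        counts = simulate(flows, policy)
        print(f"{policy:14s} per-member flows {counts}  busiest share {max(counts)/len(flows):.0%}")
```

Run it as a script to print the per-member counts. With the constructed inputs, layer2 puts every flow on one member, layer2-and-3 uses only as many members as there are distinct CDN destination addresses, and layer3-and-4 spreads the flows across all eight; the steady-state table of 16384 entries is already double the quoted hardware capacity before the 5-connection transition peaks are counted.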

Hello
Thanks all for the replies.
I will find another solution, probably VRF leaking, to resolve this issue.

Best regards