Hello everyone!
Can you suggest a model of a device that can do NAT on traffic over 5 Gbit in ISP tasks?
Peace!
2116 models
Nat at 5-Gig throughput
It can be done - but it’s asking alot. It’s very CPU intensive for any router !
If you are an ISP , I would guess you would be natting something like 100.64.x.x network blocks ( Carrier Grade NAT -or- CGN Nat - or Nat444 - or - RFC-6888 ).
I push about this much throughput through my ISP’s CGN Nat routers.
I started with some Mikrotik routers, then outgrew the capabilities. So I then went with Mikrotik CHR routers hosted on some VmWare and Proxmox hypervisors. Then I outgrew what the CHRs could handle for natting at that sustained rate.
So, I changed my high-throughput Mikrotik CHR CGN routers to some VyOS routers that also run on some Proxmox hypervisors. The CHR to VyOS switch gained me about 15-percent CGN nat throughput ( around the 3±Gig CGN nat throughput - sometimes 4-Gig ).
I am planning ( and I would suggest ) installing VyOS on a bare-metal upper-end servers with 10-Gig or 100-Gig network interfaces. Where there is no hyper-visor overhead and the router software can be directly ISO installed on the bare-metal server. CHR can not be ISO installed on bare-metal , however VyOS can be ISO installed on bare-metal.
If you install your nat routers on a hyper-visor ( VmWare , Proxmox … ) , I would suggest high-end fast many-core hardware - and read up about SR-IOV and/or MultiQueue ). Also create a test LAB network first so that you can verify your nat throughput & latency with heavy I/O loads.
As for me , my target CGN nat throughput ( multiple CGN 100.64.0.0/21 networks ) is to be able to sustain CGN nat 25+ Gig throughputs.
North Idaho Tom Jones
North FryDaHO
I have friends pushing 10-15K through a 2116, so not sure what is limiting you…
Maybe a server like an R430/R440 with 10GBE cards ? and a mkt licence…
Thank you for your detailed answer.
Looks like I’ll have to choose something from Juniper or Cisco equipment.