Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Cisco: NSP

DHCP & NAT router limitations

  

 
Cisco nsp RSS feed   Index | Next | Previous | View Threaded


rens at autempspourmoi

May 30, 2012, 3:17 AM

Post #1 of 9 (811 views)
Permalink
DHCP & NAT router limitations
Hi,



For a one day wifi event I'm looking which kind of router can be used to
deliver DHCP & NAT for 1000-2000 simultaneous users

Total WAN capacity will be +- 50Mbps



Would a 1841 or a 2811 be able to handle all this NAT/DHCP?



Regards,



Rens





_______________________________________________
cisco-nsp mailing list cisco-nsp [at] puck
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


aledm at qix

May 30, 2012, 8:09 AM

Post #2 of 9 (773 views)
Permalink
Re: DHCP & NAT router limitations [In reply to]
On 30 May 2012 11:17, Rens <rens [at] autempspourmoi> wrote:

> For a one day wifi event I'm looking which kind of router can be used to
> deliver DHCP & NAT for 1000-2000 simultaneous users
>
> Total WAN capacity will be +- 50Mbps
>
> Would a 1841 or a 2811 be able to handle all this NAT/DHCP?
>
>
Neither of these would cope with 50Mbps even without the NAT.

If you are purely Ethernet then the cheapest Cisco solution would be an
ASA5505

I assume you've already got a wifi setup that can cope with 2,000
connections.

Aled
_______________________________________________
cisco-nsp mailing list cisco-nsp [at] puck
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


SeniorJ at bennettjones

May 30, 2012, 12:46 PM

Post #3 of 9 (763 views)
Permalink
Re: DHCP & NAT router limitations [In reply to]
>If you are purely Ethernet then the cheapest Cisco solution would be an
ASA5505

Be aware that it's basically useless for more than a handful unique IP addresses (20 or so) without a Security plus license upgrade for the 5505.


-----Original Message-----
From: cisco-nsp-bounces [at] puck [mailto:cisco-nsp-bounces [at] puck] On Behalf Of Aled Morris
Sent: 30 May 2012 9:09 AM
To: Rens
Cc: cisco-nsp [at] puck
Subject: Re: [c-nsp] DHCP & NAT router limitations

On 30 May 2012 11:17, Rens <rens [at] autempspourmoi> wrote:

> For a one day wifi event I'm looking which kind of router can be used
> to deliver DHCP & NAT for 1000-2000 simultaneous users
>
> Total WAN capacity will be +- 50Mbps
>
> Would a 1841 or a 2811 be able to handle all this NAT/DHCP?
>
>
Neither of these would cope with 50Mbps even without the NAT.

If you are purely Ethernet then the cheapest Cisco solution would be an
ASA5505

I assume you've already got a wifi setup that can cope with 2,000 connections.

Aled
_______________________________________________
cisco-nsp mailing list cisco-nsp [at] puck https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
The contents of this message may contain confidential and/or privileged
subject matter. If this message has been received in error, please contact
the sender and delete all copies. Like other forms of communication,
e-mail communications may be vulnerable to interception by unauthorized
parties. If you do not wish us to communicate with you by e-mail, please
notify us at your earliest convenience. In the absence of such
notification, your consent is assumed. Should you choose to allow us to
communicate by e-mail, we will not take any additional security measures
(such as encryption) unless specifically requested.


_______________________________________________
cisco-nsp mailing list cisco-nsp [at] puck
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


dave at brockmans

May 30, 2012, 1:45 PM

Post #4 of 9 (765 views)
Permalink
Re: DHCP & NAT router limitations [In reply to]
On 5/30/2012 3:46 PM, JP Senior wrote:
> ASA5505
>
> Be aware that it's basically useless for more than a handful unique
> IP addresses (20 or so) without a Security plus license upgrade for
> the 5505.

(users = unique "inside" hosts/devices/IP Addresses)

Base License is 10 users.
10 to 50 user upgrade is minimal (esp. if you buy up front)
50 to Unlimited is still cheaper than a SecPlus license

Regards,

dtb
_______________________________________________
cisco-nsp mailing list cisco-nsp [at] puck
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


rens at autempspourmoi

May 31, 2012, 4:39 AM

Post #5 of 9 (761 views)
Permalink
Re: DHCP & NAT router limitations [In reply to]
Where do you get that info that a 1841 & 2811 can't do this?

They do fine average Internet traffic @ 50Mbps

I got 2811's doing 100Mbps



Indeed my wifi setup can cope with 2K connections



From: aled.w.morris [at] googlemail [mailto:aled.w.morris [at] googlemail] On
Behalf Of Aled Morris
Sent: woensdag 30 mei 2012 17:09
To: Rens
Cc: cisco-nsp [at] puck
Subject: Re: [c-nsp] DHCP & NAT router limitations



On 30 May 2012 11:17, Rens <rens [at] autempspourmoi> wrote:

For a one day wifi event I'm looking which kind of router can be used to
deliver DHCP & NAT for 1000-2000 simultaneous users

Total WAN capacity will be +- 50Mbps

Would a 1841 or a 2811 be able to handle all this NAT/DHCP?


Neither of these would cope with 50Mbps even without the NAT.

If you are purely Ethernet then the cheapest Cisco solution would be an
ASA5505

I assume you've already got a wifi setup that can cope with 2,000
connections.

Aled


_______________________________________________
cisco-nsp mailing list cisco-nsp [at] puck
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


andrew at 2sheds

May 31, 2012, 5:48 AM

Post #6 of 9 (759 views)
Permalink
Re: DHCP & NAT router limitations [In reply to]
Hi Rens,


On 31/05/2012, at 9:39 PM, Rens wrote:

> Where do you get that info that a 1841 & 2811 can't do this?
>
> They do fine average Internet traffic @ 50Mbps
>
> I got 2811's doing 100Mbps
>
> Indeed my wifi setup can cope with 2K connections


http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf

My guess is that is where the information came from.

Wouldn't the easiest solution be to use a PC running some *nix?
It should also cope very easily with the 50Mbps..

I would be a little worried with the NAT tables on the small routers...
May work - but my gut would be telling me to look for an alternate solution

Regards

Andrew
_______________________________________________
cisco-nsp mailing list cisco-nsp [at] puck
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


moua0100 at gmail

May 31, 2012, 7:19 AM

Post #7 of 9 (761 views)
Permalink
Re: DHCP & NAT router limitations [In reply to]
Those Cisco ISR-G1 mostly punt NAT (& DHCP) functionality to CPU as such
you may have scalability issues for the NATs for CPU resource usage.
I've seen ASA5550 do >65k NAT connections with minimal CPU load (I'm
sure the lower ASA models can achieve similar results depending on how
much memory on board).

I'd concur that throughput of ~ 100Mbps without NAT can be easily done
by these ISR-G1 models.

--
Regards,
Ge Moua

Univ of Minn Alumnus
--


On 05/31/2012 06:39 AM, Rens wrote:
> Where do you get that info that a 1841& 2811 can't do this?
>
> They do fine average Internet traffic @ 50Mbps
>
> I got 2811's doing 100Mbps
>
>
>
> Indeed my wifi setup can cope with 2K connections
>
>
>
> From: aled.w.morris [at] googlemail [mailto:aled.w.morris [at] googlemail] On
> Behalf Of Aled Morris
> Sent: woensdag 30 mei 2012 17:09
> To: Rens
> Cc: cisco-nsp [at] puck
> Subject: Re: [c-nsp] DHCP& NAT router limitations
>
>
>
> On 30 May 2012 11:17, Rens<rens [at] autempspourmoi> wrote:
>
> For a one day wifi event I'm looking which kind of router can be used to
> deliver DHCP& NAT for 1000-2000 simultaneous users
>
> Total WAN capacity will be +- 50Mbps
>
> Would a 1841 or a 2811 be able to handle all this NAT/DHCP?
>
>
> Neither of these would cope with 50Mbps even without the NAT.
>
> If you are purely Ethernet then the cheapest Cisco solution would be an
> ASA5505
>
> I assume you've already got a wifi setup that can cope with 2,000
> connections.
>
> Aled
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp [at] puck
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp [at] puck
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


mark.tinka at seacom

May 31, 2012, 10:42 PM

Post #8 of 9 (744 views)
Permalink
Re: DHCP & NAT router limitations [In reply to]
On Thursday, May 31, 2012 02:48:17 PM Andrew Miehs wrote:

> Wouldn't the easiest solution be to use a PC running some
> *nix? It should also cope very easily with the 50Mbps..

pfSense would be my recommendation. NAT + DHCP are inherent.

Mark.
Attachments: signature.asc (0.82 KB)


sledge121 at gmail

Jun 1, 2012, 5:44 AM

Post #9 of 9 (744 views)
Permalink
Re: DHCP & NAT router limitations [In reply to]
I know that with Packet Marking, NAT and Firewall enabled with 512byte
frames you will get 50Mbps (symmetric) throughput out of a 2921 (cpu
running at 75%)

If this were a router to provide Internet to end users then you would have
more traffic dowload than upload and with 50Mb download and say an upload
of around 25% of that then the cpu would probably tick over at around 40%.
If you don't need Firewall and Marking then a lower model router would do,
I reckon a 1921, not sure of the G1's only tested G2's

Thanks
Rick




On 31 May 2012 12:39, Rens <rens [at] autempspourmoi> wrote:

> Where do you get that info that a 1841 & 2811 can't do this?
>
> They do fine average Internet traffic @ 50Mbps
>
> I got 2811's doing 100Mbps
>
>
>
> Indeed my wifi setup can cope with 2K connections
>
>
>
> From: aled.w.morris [at] googlemail [mailto:aled.w.morris [at] googlemail]
> On
> Behalf Of Aled Morris
> Sent: woensdag 30 mei 2012 17:09
> To: Rens
> Cc: cisco-nsp [at] puck
> Subject: Re: [c-nsp] DHCP & NAT router limitations
>
>
>
> On 30 May 2012 11:17, Rens <rens [at] autempspourmoi> wrote:
>
> For a one day wifi event I'm looking which kind of router can be used to
> deliver DHCP & NAT for 1000-2000 simultaneous users
>
> Total WAN capacity will be +- 50Mbps
>
> Would a 1841 or a 2811 be able to handle all this NAT/DHCP?
>
>
> Neither of these would cope with 50Mbps even without the NAT.
>
> If you are purely Ethernet then the cheapest Cisco solution would be an
> ASA5505
>
> I assume you've already got a wifi setup that can cope with 2,000
> connections.
>
> Aled
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp [at] puck
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
_______________________________________________
cisco-nsp mailing list cisco-nsp [at] puck
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Cisco nsp RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.