NAT

Commands in this section configure dataplane NAT behavior.

dataplane nat dslite-ce

Enables DS-Lite CE mode.

dataplane nat max-translations-per-user <n>

Defines the number of NAT translation entries to allow for each IP address. The default value is 10240, but it can be set to any integer value from 1-262144. The ideal value depends entirely on the environment and number of sessions per IP address involved in NAT. This includes traffic sourced from TNSR itself as well, not only internal source IP addresses.

dataplane nat mode (deterministic|endpoint-dependent|simple)

Configures the operating NAT mode. See Dataplane NAT Modes.

dataplane nat mode-options simple (out2in-dpo|static-mapping-only)

Configures options for the NAT mode. See Dataplane NAT Modes.

NAT Memory

Memory available for NAT functions can also be tuned to scale for larger operations. The following parameters are available:

dataplane nat user hash buckets <size>

Number of buckets in NAT user lookup hash table. Can be from 1-65535, default 128.

dataplane nat user hash memory <size>

Memory size of NAT user lookup hash table. Can be from 1-4294967295, default 67108864 (64MiB).

dataplane nat translation hash buckets <size>

Number of buckets in session lookup hash tables. Can be from 1-65535, default 1024.

dataplane nat translation hash memory <size>

Memory size of session lookup hash tables. Can be from 1-4294967295, default 134217728 (128MiB).

With the default user hash memory, each user hash bucket can contain approximately 512 active elements (“sessions”). To determine the total number of supported NAT sessions, multiply:

128 (user hash buckets) x 512 (max elements per user hash bucket) = 65,536 NAT sessions

To support more than 65,536 NAT sessions, NAT user hash memory must be increased along with NAT user hash buckets. In the case of user hash, a single client may consume many elements/sessions, limited by the nat max-translations-per-user option mentioned previously in this section.

The nat translation options are similar to the nat user options, but are utilized for endpoint-dependent NAT lookup tables.
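The user hash sizing rule above can be checked against the per-user limit before a change is applied. The following is an added example, not part of the TNSR documentation or software: it validates proposed values against the ranges documented on this page, computes session capacity with the page's figure of roughly 512 elements per bucket, and reports how few clients at the per-user limit would fill the table. The function and dictionary names are hypothetical, and the effect of user hash memory on elements per bucket is not modeled.

```python
# Ranges and defaults as documented on this page.
RANGES = {
    "max_translations_per_user": (1, 262144),
    "user_hash_buckets": (1, 65535),
    "user_hash_memory": (1, 4294967295),
}
DEFAULTS = {
    "max_translations_per_user": 10240,
    "user_hash_buckets": 128,
    "user_hash_memory": 67108864,
}
# Page figure: ~512 elements per bucket with the default user hash memory.
# Raising buckets also requires raising memory (per the page); that
# relationship is not modeled here, so pass per_bucket explicitly if known.
ELEMENTS_PER_BUCKET = 512


def check_ranges(settings):
    """Return the names of settings outside the documented ranges."""
    return [k for k, (lo, hi) in RANGES.items() if not lo <= settings[k] <= hi]


def session_capacity(buckets, per_bucket=ELEMENTS_PER_BUCKET):
    """Total NAT sessions = user hash buckets x elements per bucket."""
    return buckets * per_bucket


def clients_to_fill(settings, per_bucket=ELEMENTS_PER_BUCKET):
    """Fewest clients, each at the per-user limit, that fill the table."""
    cap = session_capacity(settings["user_hash_buckets"], per_bucket)
    limit = settings["max_translations_per_user"]
    return -(-cap // limit)  # integer ceiling division


def per_user_limit_for(settings, expected_clients, per_bucket=ELEMENTS_PER_BUCKET):
    """Largest per-user limit at which expected_clients still fit the table."""
    cap = session_capacity(settings["user_hash_buckets"], per_bucket)
    return max(1, cap // expected_clients)


if __name__ == "__main__":
    print("out of range:", check_ranges(DEFAULTS))
    print("capacity:", session_capacity(DEFAULTS["user_hash_buckets"]))
    print("clients at per-user limit to fill table:", clients_to_fill(DEFAULTS))
    # 250 clients is a constructed sample figure.
    print("per-user limit for 250 clients:", per_user_limit_for(DEFAULTS, 250))
```

With the defaults, a handful of busy clients can consume every session, so the per-user limit and the user hash size should be chosen together.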