You wanna see the juniper configs for your ASR1006? Not sure why we didn't use netflow. I guess because syslog worked and that's where the docs led me
Aaron > On Jul 9, 2018, at 2:52 AM, Ring Bit <[email protected]> wrote: > > Hi Aaron, > > Could you post the nat configs? > > Why not use Netflow? > > Thanks. > T. > >> Sent: Sunday, July 08, 2018 at 10:14 PM >> From: "Aaron Gould" <[email protected]> >> To: [email protected] >> Cc: [email protected] >> Subject: Re: [c-nsp] NAT logging ASR1k >> >> Bulk logging and port block allocation (PBA)? >> >> https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/nat-xe-3s-book/iadnat-bpa.html >> >> I do PBA in groups of 100 ports on my CGNAT deployment (juniper) and use >> syslog to log. Using port block allocation caused the syslogging to slow >> down significantly >> >> Aaron >> >>> On Jul 8, 2018, at 10:12 AM, [email protected] wrote: >>> >>> Hi everybody, >>> >>> Have an ASR 1006 doing NAT translations, it is having around 300k+ and >>> wanted to ask for a recommendation about logging those NAT translations. >>> >>> Tried it with a collector via Netflow v9 with the export command "ip nat >>> log translationsflow-export v9 udp destination" command the CPU spiked to >>> 100%. >>> >>> Is there a recommendation as a workaround or have alternative solution >>> which is easy on resources to those massive NAT translations? >>> >>> Thanks, >>> T. >>> _______________________________________________ >>> cisco-nsp mailing list [email protected] >>> https://puck.nether.net/mailman/listinfo/cisco-nsp >>> archive at http://puck.nether.net/pipermail/cisco-nsp/ >> >> _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
