«

Im setting up a handful of sites to use a web application at a main site,
where speed is an important issue. Im considering using portmapping to
make the application avialable. My question is how well does this scale?
portmapping would use more memory on the router, so is there a limit to how
many connections a port map should handle? would there be more significant
speed if I just routed everything to another IP.

G.

In article <chliv4$9d4$>,
gooogooo <> wrote:
:Im setting up a handful of sites to use a web application at a main site,
:where speed is an important issue. Im considering using portmapping to
:make the application avialable. My question is how well does this scale?
ortmapping would use more memory on the router, so is there a limit to how
:many connections a port map should handle?

We can't answer that question without knowing the models, boards,
and software revisions involved. Different Cisco routers and firewalls
have different architectures, so what might be expensive on one of
them might be cheap on a different one (or might be cheap on the same
equipment with the next software rev after the one you have.)

:would there be more significant
:speed if I just routed everything to another IP.

If that receiving machine must then examine the port and route to
the appropriate local machine that is handling that particular service,
then that would likely be slower. On the other hand, if everything
is being handled on just one machine anyhow, then what you want is
probably not so much port *mapping* as port *filtering* to block
the undesired traffic from reaching that server machine. Port filtering
would be handled by ACLs, and ACLs are [I read] "inexpensive" on all
current Cisco routers with modern software. In sufficiently old hardware
or software ACLs might be "expensive".
--
"I want to make sure [a user] can't get through ... an online
experience without hitting a Microsoft ad"
-- Steve Ballmer [Microsoft Chief Executive]

"Walter Roberson" <> wrote in message
news:chljh7$ihc$...
> In article <chliv4$9d4$>,
> gooogooo <> wrote:
> :Im setting up a handful of sites to use a web application at a main site,
> :where speed is an important issue. Im considering using portmapping to
> :make the application avialable. My question is how well does this scale?
> ortmapping would use more memory on the router, so is there a limit to
how
> :many connections a port map should handle?
>
> We can't answer that question without knowing the models, boards,
> and software revisions involved. Different Cisco routers and firewalls
> have different architectures, so what might be expensive on one of
> them might be cheap on a different one (or might be cheap on the same
> equipment with the next software rev after the one you have.)
>
> :would there be more significant
> :speed if I just routed everything to another IP.
>
> If that receiving machine must then examine the port and route to
> the appropriate local machine that is handling that particular service,
> then that would likely be slower. On the other hand, if everything
> is being handled on just one machine anyhow, then what you want is
> probably not so much port *mapping* as port *filtering* to block
> the undesired traffic from reaching that server machine. Port filtering
> would be handled by ACLs, and ACLs are [I read] "inexpensive" on all
> current Cisco routers with modern software. In sufficiently old hardware
> or software ACLs might be "expensive".
> --
> "I want to make sure [a user] can't get through ... an online
> experience without hitting a Microsoft ad"
> -- Steve Ballmer [Microsoft Chief Executive]


Got a 828 on a 2/2M line with IOS 12.2. Probably doesn't make a
noticeable difference. There is just one receiving machine, it wouldn't
route any further.