On 4/19/2010 10:40 AM, David Conrad wrote:
>> Here is some unverified calculations I did on the problem of scaling nat.
>> Right now I'm using 42 translation entries in my nat table.  Each entry takes
>> up 312 bytes of FIB memory, which is ~12.7 Kib of data in the FIB.  Mutiply
>> this by 250k users and we have 3,124,237 KiB of FIB entries, or 3.1 GiB.  This
>> is not running any PtP programs or really hitting the network, I'm just
>> browsing the web and typing this email to you.
> This is really interesting data.  What hardware is this on?

most firewall vendors can give you this information for their products. 
it tends to manifest itself in documented connection table size limits.

For devices using A PF derivative for example it's right around a 
kilobyte per entry....

platforms based on 32 bit memory architecture have a hard 4GB limit for 
that size of those datastructures.

