[Vigor3900] What is Fast NAT and when to Use it?
Support Model : Vigor3900Vigor2960Vigor300B
Since firmware version 1.3.2, Vigor3900/2960/300B support Fast NAT function. It allows specific LAN hosts to skip the inspecting by CPU and go to the fast NAT path directly. Which means, router will forward the traffic from the specific LAN to the choosen WAN directly. This function will reduce the CPU loading and speed up the performance of for the NAT sessions. However, due to the traffic skip the inspecting, some of the features will not work on the LAN which has set to Fast NAT, including the firewall.
Take the scenario below as an example:
Vigor3900 acts as Internet gateway for a university dormitory and there are hundreds of students accessing Internet through Vigor3900 at night so CPU usage during the time is usually high. Network administrator would like to reduce the CPU usage and speed up the NAT performance of students’ LAN, also, need to set up the exception for the VPN network to let the students to connect to the academic network of the university.
The followings show the configurations to use Fast NAT function to achieve these purposes:
1. Go to NAT >> Fast NAT page, click Add to create a Fast NAT profile.
a. Tick Enable
b. Enter Source Subnet, and select the subnet mask (in this scenario, it is the LAN subnet of the student dormitory)
c. Select the Out-Going Interface
2. Add Exceptions when needed.
If Vigor3900 have VPN connections to the other remote networks and you want the local network can access the remote VPN network, we need to add the remote VPN networks as the exception subnets in the Fast NAT profile.
a. Go to NAT >> Fast NAT page, click Add to create an Exceptions profile.
b. Enter Profile name
c. Enter Destination IP and select the subnet mask
1. Fast NAT only works for outgoing NAT sessions.
2. Firewall / Web Portal / Session Limit will not work on the source subnet we specified after Fast NAT enable.
3. Sessions through Fast NAT won't be calculated after enabling Fast NAT.
4. Support up to 16 Fast NAT profiles.
When to use Fast NAT?
We can use Fast NAT while observing:
1. CPU usage of Vigor3900 is high (over 90%)
2. Vigor3900 have many out-going NAT sessions