What is Fast NAT and when to use it? (For Vigor3900/2960)

Since firmware version 1.3.2, Vigor3900/2960/300B support Fast NAT function. It allows specific LAN hosts to skip the inspecting by CPU and go to the fast NAT path directly. Which means, the router will forward the traffic from ta particular LAN to the chosen WAN directly. This function will reduce the CPU loading and speed up the performance of for the NAT sessions. However, due to the traffic skip the inspecting, some features will not work on the Fast NAT LAN, including the firewall.

Take the scenario below as an example: Vigor3900 acts as the Internet gateway for a university dormitory, and there are hundreds of students accessing the Internet through it at night, so CPU usage during the time is usually high. The network administrator would like to reduce the CPU usage and speed up the NAT performance of students' LAN, also, need to set up the exception for the VPN network to let the students connect to the campus network.

The followings show the configurations to use Fast NAT function to achieve these purposes:

1. Go to NAT >> Fast NAT page, click Add to create a Fast NAT profile.

  1. Tick Enable
  2. Enter Source Subnet, and select the subnet mask (in this scenario, it is the LAN subnet of the student dormitory)
  3. Select the Out-going Interface
a screenshot of VIgor3900 Fast NAT settings

2. (Optional) Add Exceptions. If the router have VPN connections to the other remote networks and you want the local network can access the remote VPN network, we need to add the remote VPN networks as the exception subnets in the Fast NAT profile.

  1. Go to NAT >> Fast NAT page, click Add to create an Exceptions profile.
  2. Enter Profile name
  3. Enter Destination IP and select the subnet mask
a screenshot of VIgor3900 Fast NAT settings

NOTE:

  1. Fast NAT only works for out-going NAT sessions.
  2. Firewall / Web Portal / Session Limit / NAT Port Redirection will not work on the source subnet we specified after Fast NAT enable.
  3. Sessions through Fast NAT won't be calculated after enabling Fast NAT.
  4. Support up to 16 Fast NAT profiles.

When to use Fast NAT?

We can use Fast NAT while observing:

  1. The CPU usage of the router is high (over 90%)
  2. The router has many out-going NAT sessions

Published On:2018-01-02 

Was this helpful?