NAT oversubscription rate of 2x

[bilal_afzal1660]

On a firewall that has 32 Ethernet ports and is configured with a dynamic IP and port (DIPP) NAT
oversubscription rate of 2x, what is the maximum number of concurrent sessions supported by each
available IP address?

 

[bill001g]

You would have to read the manual for the firewall but in theory at least a single IP can support 65k sessions. Not sure if 2x over subscription means 128k, this depends on the firewall. The number of session is a very different number than the number of physical ports. A single machine can have a large number of open sessions. You can to a point see them in the network tab of the resource monitor on a pc. Problem is they come and go very quickly when you consider the number of crappy advertisements a web page loads.

If you only have 32 actual machines I doubt you will have a problem. In many cases the firewall/router will run out of cpu/memory before it hits the port limit. It really depends on the device you are using, some high end commercial firewalls have no issues with hundreds of machines connected behind them