Hi,

I'm preparing a CGNAT configuration like in the wiki article and I'm concerned about the speed of parsing ip nat rules.

For example if I'm going to map ~250 private ip address and I'm reserving 512 ports for NAT per private IP, then I can put 126 private IPs per public IP, so I need 2 public IPs.

so I need 126 rules (N=1..126) like this:
/ip firewall nat add chain=src-nat action=src-nat to-addresses=<public-ip> to-ports=(512*N)-(512*(N+1)-1) src-address=10.0.0.N

the question is: Is this Slow ?
what if put a 2nd set 126 rules to complete the private /24 ?

Or is better to put jump rules: select groups of 16 or 32 private IPs then jump to a chain with a NAT set of rules of 16 or 32 src-nat rules ?

Is there any rule to optimize groups of NAT rules if there are 100s?

Thanks
Antonio

Remember NAT rules are only processed once for each connection.
Then they create a connection entry that handles the traffic.
Of course there are limitations on the amount of traffic that can be successfully handled by the router in NAT configuration, but I don't expect it to be limited by what you describe.
Make sure you have a CCR router.