Cirrostratus
EmployeeHi SWJO,
if you use HCL in TCP mode, the BIG-IP is able to multiplex logs into few TCP connections (same behaviour as OneConnect in a way).
depending on your platform 150k CPS (which IMO will be less, if you multiplex logs as mentioned), need to be checked, but should not impact the system more than normal tcp connections for the same device.
for disk, if your HSL is writing directly (and you don’t use any log local commands, then nothing is stored in the disk of the BIG-IP.
you mentioned CGNAT, and i can tell you that there is a lot of CSPs that use this way of logging to do legal interception or even traffic jogging based on IMEIs for example.