Just bought a Firewalla Purple. I'm a fairly advanced user / quite technical. I was wondering if NAT is putting a decent amount of load on the CPU of the device and if it made sense to put the Firewalla in routing mode so that the Firewalla just sends the traffic to a gateway on a different subnet.
Example:
192.168.1.1 AT&T BGW320 Gateway (decent CPU)
192.168.1.2 Firewalla WAN interface
192.168.74.1/24 Firewalla LAN network
So I'd configure a static route in the AT&T Gateway, 192.168.74.0/24 -> 192.168.1.2
And I'd disable NAT in the Firewalla, and set the default gateway for the Firewalla to be 192.168.1.1
Now when a device on my home network, like 192.168.74.10, sends traffic to 192.168.74.1, the Firewalla would then send it on to 192.168.1.1, and that's where the NAT occurs before it's sent out to the internet.
The benefit of this design is that the Firewalla is still handling all the internal network traffic, which group can access which content, etc., but it's no longer wasting CPU on NAT, leaving it plenty of CPU for smart queue/AQM, IPS/IDS, monitoring, etc.
Would this work better? I have a 1 Gbps/1 Gbps fiber connection at home and want to use a lot of the advanced features of the Firewalla Purple, but I see these features as CPU intensive and I'm wondering if I'll end up killing my overall throughput if I enable/utilize too many features.
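
Added example, not part of the original post: a small longest-prefix-match model of the routed (no-NAT) design described above, showing that replies to 192.168.74.10 only come back through the Firewalla once the gateway has the 192.168.74.0/24 static route. The interface names, the "isp" next hop and the remote address 203.0.113.5 are assumptions made for the illustration.

```python
import ipaddress

# Constructed route tables built from the addresses in the post.
# Interface names and the "isp" next hop are hypothetical placeholders.
FIREWALLA = [
    ("192.168.74.0/24", None, "lan"),          # connected LAN
    ("192.168.1.0/24", None, "wan"),           # link to the gateway
    ("0.0.0.0/0", "192.168.1.1", "wan"),       # default gateway
]
GATEWAY = [
    ("192.168.1.0/24", None, "lan"),           # connected LAN
    ("0.0.0.0/0", "isp", "wan"),               # default route to the ISP
]
STATIC_ROUTE = ("192.168.74.0/24", "192.168.1.2", "lan")


def lookup(routes, dst):
    """Longest-prefix match. Returns (next_hop, interface); next_hop None = on-link."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), hop, ifc) for p, hop, ifc in routes
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    _, hop, ifc = max(matches, key=lambda m: m[0].prefixlen)
    return hop, ifc


def check_design(gateway_routes, client="192.168.74.10", remote="203.0.113.5"):
    """Trace outbound and return forwarding for one client; remote is a documentation address."""
    out_fw = lookup(FIREWALLA, remote)
    out_gw = lookup(gateway_routes, remote)
    back_gw = lookup(gateway_routes, client)
    back_fw = lookup(FIREWALLA, client)
    return {
        "outbound": [out_fw, out_gw],
        "return": [back_gw, back_fw],
        # Replies only reach the client if the gateway hands them to the Firewalla.
        "return_ok": back_gw == ("192.168.1.2", "lan") and back_fw == (None, "lan"),
    }


if __name__ == "__main__":
    for name, table in (("no static route", GATEWAY),
                        ("with static route", GATEWAY + [STATIC_ROUTE])):
        print(name, check_design(table))
```

With NAT disabled on the Firewalla, the gateway sees the real 192.168.74.x source addresses, so its own NAT and firewall rules have to accept that subnet as well as route to it.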