[c-nsp] Re: Interfacing between VRF and global across interface in
one router
David Barak
thegameiam at yahoo.com
Tue Jan 18 11:13:16 EST 2005
--- Joe Maimon <jmaimon at ttec.com> wrote:
> Hello Rodney,
>
> At first cut, I am trying to effect a seperation
> between the interfaces
> which need (overload)natting done and the ones that
> dont. Exactly what
> that will buy me in terms of nat problems,
> performance or logical
> correctness I am not quite certain yet.
>
> As is currently, If it turn nat on for some
> interfaces on the router, I
> have to turn it on for all so that others dont see
> rfc1918 that they
> would not be expecting. Such is only proper.
>
> Why nat? Well some customers like to link up a few
> of their sites with
> the cheapest CPE possible which supports the
> simplest network possible.
>
A Linksys router is $40, and it runs NAT. I can't
really imagine that that's a serious cost barrier for
CPE.
Suggestion: have NAT happen on the CPE rather than on
your edge - it makes more logical sense, as that is
the actual point where the circuit becomes multiheaded
(i.e. many LAN devices, only one WAN path).
The solution you're looking at may actually work.
However, I can't imagine that you're not buying
yourself future trouble when you have to
migrate/scale/etc.
Also, running RIP with customers is another idea which
will encounter some serious scaling and security
issues pretty quickly.
-
=====
David Barak
Need Geek Rock? Try The Franchise:
http://www.listentothefranchise.com
__________________________________
Do you Yahoo!?
Yahoo! Mail - Find what you need with new enhanced search.
http://info.mail.yahoo.com/mail_250
More information about the cisco-nsp
mailing list