[c-nsp] VRF-Aware NAT in ASR1k

Derick Winkworth dwinkworth at att.net
Sat Aug 7 10:52:31 EDT 2010


I believe the limit is 500 *pairs* of interfaces...

We are using the ASR too for this exact thing.



________________________________
From: Matthew Melbourne <matt at melbourne.org.uk>
To: Neil Fenemor <Neil.Fenemor at fx.net.nz>
Cc: cisco-nsp at puck.nether.net
Sent: Sat, August 7, 2010 9:04:37 AM
Subject: Re: [c-nsp] VRF-Aware NAT in ASR1k

Yes, I saw VASI Enhancements Phase I in the latest ASR 3.1S release notes.
There is a limit of 500 VASI interfaces which may be an issue for multiple
customer VRFs. Basically, the requirement is to NAT hosts within hosted
customer private networks (VRFs) to another private range which makes them
available and routable from our management systems, and additionally
provides limited Internet access to update servers, etc.

-----Original Message-----
From: Neil Fenemor [mailto:Neil.Fenemor at fx.net.nz] 
Sent: 07 August 2010 02:55
To: Matthew Melbourne
Subject: Re: [c-nsp] VRF-Aware NAT in ASR1k

Hi Matthew, 

Have you looked at VASI at all? It's a reasonably recent addition to the
ASR1k codebase, but does some interesting things. 

Cheers,

neil

On 6/08/2010, at 8:52 PM, Matthew Melbourne wrote:

> Hi,
> 
> Is it possible to implement VRF-Aware NAT on the ASR1k, specifically
> NAT between two different VRFs? Ideally, I have a requirement to NAT
> between customers' VRFs and a management VRF and from customers' VRFs
> to the global table (for limited Internet access).
> 
> Cheers,
> 
> Matt
> 
> -- 
> Matthew Melbourne
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
Neil Fenemor
Señor Network Engineer
FX Networks

(m) 021 978 078
(e) neil.fenemor at fx.net.nz
(w) http://www.fx.net.nz/
(p) 04 498 9565
(f) 04 498 9649

Level 3
FX Networks House
138 The Terrace
Wellington


No virus found in this incoming message.
Checked by AVG - www.avg.com 
Version: 9.0.851 / Virus Database: 271.1.1/3056 - Release Date: 08/07/10
07:28:00


_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list