[c-nsp] BGP through a NAT device

Jerred Horsman jhors2 at yahoo.com
Tue Sep 11 12:45:47 EDT 2012


Hi all,
I have an interesting question that I am going to be labbing soon. Is it possible to NAT a connect-source for a BGP session and still establish a peering? Obviously this would also require NATing of the BGP packets, as the connect-source wouldn't match what the BGP OPEN message is indicating. Example being: a router connected inside a corporate network, with all RFC 1918 addresses. You configure an eBGP peer outside of your firewall and that address is being NATed to some public space. The other router points his peering towards the public address so he has reachability to it, but without some NATing of the OPEN message obviously there is a mismatch and things wouldn't work. I hope this is explained well enough to make sense. Thanks for any input ahead of time!

