[j-nsp] Combining two MS-MIC in MX104 for CGNAT
Pavel Lunin
plunin at gmail.com
Mon Sep 25 11:52:28 EDT 2017
Hi Aaron,
Yes, I had a customer with 2× MS-MICs in an MX104 in production. No major
issues with this so far.
They use nor ams neither rsp, just old-good per source IP FBF with bit
masks like this:
from source address 10.0.0.0/255.0.0.1 then routing-instance CGN-1 /*
10.x.x.a, a is even */
from source address 10.0.0.1/255.0.0.1 then routing-instance CGN-2 /*
10.x.x.b, b is odd */
With manual pools partitioning and some additional route leaking tricks to
make it redundant.
A major concern for CGN is that you want all sessions from the same source
IP to be nated to the same external address. Otherwise your support will
die under tons of "why my passive mode FTP/PPTP/IPsec don't work?" This is
why basic ECMP is normally not the best option. No idea how ASM deals with
this, I think it should, but just be aware.
Pavel
2017-09-13 19:44 GMT+02:00 Aaron Gould <aaron1 at gvtc.com>:
> Has anyone tried this combing two MS-MIC-16G cards to accomplish higher
> CGNAT throughput ?
>
> -Aaron
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list