[rbak-nsp] NAT Example Requests
Michael J. Gage
mgage at localtel.net
Mon Aug 8 18:36:40 EDT 2016
Your assumption is correct.
This will be for a IPTV SetTopBox Environment.
We will be providing DHCP on a quiet network to the STB VLAN.
We want to allow access to specific internet based resources (advanced STB features).
To break things down to a step by step, I would like to at least get a functional dynamic NAT for outbound traffic.
I can collapse to a single context to complete the proof of concept phase.
Any help is appreciated.
From: Marcin Kuczera [mailto:marcin at leon.pl]
Sent: Monday, August 08, 2016 3:09 PM
To: Michael J. Gage
Cc: redback-nsp at puck.nether.net
Subject: Re: [rbak-nsp] NAT Example Requests
On 2016-08-06 00:22, Michael J. Gage wrote:
We would like to utilize multiple contexts.
* context subscriber
* context internet
* context management
The subscribers will connect via DHCP in the subscriber context assigned via a dynamic private IP pool.
They will have access to servers and services within that context without the need for NAT.
The internet context will have public IP address and servers as well as ACLs for limiting public access.
We will need to set up NAT for limited internet access for the subscribers from the subscriber context.
We also want the option of creating static NAPT (port forwarding) to devices in both the subscriber and management contexts.
We are currently using a SE400 with four 10ge-1-port line cards that we were hoping to use in two separate two port link-groups for failover.
We would like to terminate different classes of subscribers on separate dot1q pvc trunks via one link-group and use the other one for an upstream link.
We have an enhanced NAT license if we need it, but I would prefer to only use it only if it is required.
Is it for SetTopBoxes for IPTV ?
What you need is inter-context routing I guess. Is it ?
Why am I asking... this is not usual configuation for subscribers that are behind NAT.
Marcin
Thank you for your help.
From: redback-nsp [mailto:redback-nsp-bounces at puck.nether.net] On Behalf Of Marcin Kuczera
Sent: Friday, August 05, 2016 12:22 PM
To: redback-nsp at puck.nether.net<mailto:redback-nsp at puck.nether.net>
Subject: Re: [rbak-nsp] NAT Example Requests
On 2016-08-04 23:13, Michael J. Gage wrote:
We would like to use a NAT policy on traffic between contexts.
Two context, one public and one private.
The goal is to have a public IP context that performs NAT and a separate private context that only routes between interfaces with a default inter-context route.
Suggestions and examples are appreciated.
The problem is, that NAT policy for subscribers should be directly connected with subscriber's profile (CLIPS/PPP).
In other case, this will be regular NAT, without all the features like CGNAT, logging, lawful-intercept etc..
I'am not sure what is that you want to achieve ?
Btw, could you share with me - what GPON equipment are you using ?
Regards,
Marcin
Michael Gage
Network Operations
LocalTel Communications
_______________________________________________
redback-nsp mailing list
redback-nsp at puck.nether.net<mailto:redback-nsp at puck.nether.net>
https://puck.nether.net/mailman/listinfo/redback-nsp
--
Marcin Kuczera / Wiceprezes Zarządu / CTO
+48 32 440 80 71/ marcin.kuczera at leon.pl<mailto:marcin.kuczera at leon.pl>
Leon Sp. z o.o.
ul. Kilińskiego 33d, 44-200 Rybnik
http://www.leon.pl/
INTERNET | TELEWIZJA | TELEFON
KRS 0000223101 Sąd Rejonowy w Gliwicach
Kapitał zakładowy 282.500 zł
NIP: 6332068698
--
Marcin Kuczera / Wiceprezes Zarządu / CTO
+48 32 440 80 71/ marcin.kuczera at leon.pl<mailto:marcin.kuczera at leon.pl>
Leon Sp. z o.o.
ul. Kilińskiego 33d, 44-200 Rybnik
http://www.leon.pl/
INTERNET | TELEWIZJA | TELEFON
KRS 0000223101 Sąd Rejonowy w Gliwicach
Kapitał zakładowy 282.500 zł
NIP: 6332068698
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20160808/d90c8dcc/attachment-0001.html>
More information about the redback-nsp
mailing list