<html>
<head>
<meta content="text/html; charset=ISO-8859-2"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 2016-08-09 00:36, Michael J. Gage
wrote:<br>
</div>
<blockquote
cite="mid:D20A3427057B584DB4193D27EAD39D5101DE040F4E@exch-2010"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-2">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:"Times New Roman \, serif";
panose-1:0 0 0 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";
color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
p.txt1, li.txt1, div.txt1
{mso-style-name:txt1;
mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.txt
{mso-style-name:txt;}
span.EmailStyle24
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
p.txt2, li.txt2, div.txt2
{mso-style-name:txt2;
mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
span.EmailStyle26
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";
color:black;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:376469871;
mso-list-type:hybrid;
mso-list-template-ids:-721802804 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Your assumption
is correct.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">This will be
for a IPTV SetTopBox Environment.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">We will be
providing DHCP on a quiet network to the STB VLAN.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">We want to
allow access to specific internet based resources (advanced
STB features).<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">To break things
down to a step by step, I would like to at least get a
functional dynamic NAT for outbound traffic.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">I can collapse
to a single context to complete the proof of concept phase.</span></p>
</div>
</blockquote>
<br>
Well, in theory it is possible, but our configuration for similar
case is different.<br>
We have NAT on subscriber's profile - (policy access list can do
exception which classes to ignore so not to NAT).<br>
<br>
In your case, defaultroute must be set to next-hop - another
context, and in that public context you might want<br>
to use static NAT function.<br>
But we have not tested this..<br>
<br>
However, separate context for management (context local) is a good
idea that we use.<br>
All other functions as BGP, BRAS, IPTV are in separate contexts.<br>
<br>
Marcin<br>
<br>
<br>
<blockquote
cite="mid:D20A3427057B584DB4193D27EAD39D5101DE040F4E@exch-2010"
type="cite">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Any help is
appreciated.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">
Marcin Kuczera [<a class="moz-txt-link-freetext" href="mailto:marcin@leon.pl">mailto:marcin@leon.pl</a>]
<br>
<b>Sent:</b> Monday, August 08, 2016 3:09 PM<br>
<b>To:</b> Michael J. Gage<br>
<b>Cc:</b> <a class="moz-txt-link-abbreviated" href="mailto:redback-nsp@puck.nether.net">redback-nsp@puck.nether.net</a><br>
<b>Subject:</b> Re: [rbak-nsp] NAT Example Requests<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On 2016-08-06 00:22, Michael J. Gage
wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D">We would like
to utilize multiple contexts.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo2"><!--[if !supportLists]--><span
style="font-family:Symbol"><span style="mso-list:Ignore">·<span
style="font:7.0pt "Times New Roman"">
</span></span></span><!--[endif]--><span
style="color:#1F497D">context subscriber</span><o:p></o:p></p>
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo2"><!--[if !supportLists]--><span
style="font-family:Symbol"><span style="mso-list:Ignore">·<span
style="font:7.0pt "Times New Roman"">
</span></span></span><!--[endif]--><span
style="color:#1F497D">context internet</span><o:p></o:p></p>
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo2"><!--[if !supportLists]--><span
style="font-family:Symbol"><span style="mso-list:Ignore">·<span
style="font:7.0pt "Times New Roman"">
</span></span></span><!--[endif]--><span
style="color:#1F497D">context management</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">The
subscribers will connect via DHCP in the subscriber
context assigned via a dynamic private IP pool.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">They will
have access to servers and services within that context
without the need for NAT.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">The internet
context will have public IP address and servers as well as
ACLs for limiting public access.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">We will need
to set up NAT for limited internet access for the
subscribers from the subscriber context.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">We also want
the option of creating static NAPT (port forwarding) to
devices in both the subscriber and management contexts.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">We are
currently using a SE400 with four 10ge-1-port line cards
that we were hoping to use in two separate two port
link-groups for failover.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">We would like
to terminate different classes of subscribers on separate
dot1q pvc trunks via one link-group and use the other one
for an upstream link.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">We have an
enhanced NAT license if we need it, but I would prefer to
only use it only if it is required.</span><o:p></o:p></p>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif""><br>
Is it for SetTopBoxes for IPTV ?<br>
<br>
What you need is inter-context routing I guess. Is it ?<br>
Why am I asking... this is not usual configuation for
subscribers that are behind NAT.<br>
<br>
Marcin<br>
<br>
<br>
<br>
<br>
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Thank you for
your help.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">
redback-nsp [<a moz-do-not-send="true"
href="mailto:redback-nsp-bounces@puck.nether.net">mailto:redback-nsp-bounces@puck.nether.net</a>]
<b>On Behalf Of </b>Marcin Kuczera<br>
<b>Sent:</b> Friday, August 05, 2016 12:22 PM<br>
<b>To:</b> <a moz-do-not-send="true"
href="mailto:redback-nsp@puck.nether.net">redback-nsp@puck.nether.net</a><br>
<b>Subject:</b> Re: [rbak-nsp] NAT Example Requests</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal">On 2016-08-04 23:13, Michael J. Gage
wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal">We would like to use a NAT policy on
traffic between contexts.<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Two context, one public and one private.<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">The goal is to have a public IP context
that performs NAT and a separate private context that only
routes between interfaces with a default inter-context
route.<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Suggestions and examples are appreciated.<o:p></o:p></p>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New Roman ,
serif","serif""><br>
The problem is, that NAT policy for subscribers should be
directly connected with subscriber's profile (CLIPS/PPP).<br>
In other case, this will be regular NAT, without all the
features like CGNAT, logging, lawful-intercept etc..<br>
<br>
I'am not sure what is that you want to achieve ?<br>
<br>
Btw, could you share with me - what GPON equipment are you
using ?<br>
<br>
Regards,<br>
Marcin<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Michael Gage<o:p></o:p></p>
<p class="MsoNormal">Network Operations<o:p></o:p></p>
<p class="MsoNormal">LocalTel Communications<o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New Roman ,
serif","serif""><br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>redback-nsp mailing list<o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="mailto:redback-nsp@puck.nether.net">redback-nsp@puck.nether.net</a><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="https://puck.nether.net/mailman/listinfo/redback-nsp">https://puck.nether.net/mailman/listinfo/redback-nsp</a><o:p></o:p></pre>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span
style="font-size:12.0pt;font-family:"Times New Roman ,
serif","serif""> </span><o:p></o:p></p>
<div>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New Roman
, serif","serif"">--
</span><o:p></o:p></p>
<p style="line-height:10.5pt"><span class="txt"><b><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">Marcin
Kuczera</span></b></span><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">
/
<span class="txt">Wiceprezes Zarządu / CTO</span><br>
<span class="txt">+48 32 440 80 71/ <a
moz-do-not-send="true"
href="mailto:marcin.kuczera@leon.pl" id="email-input">
<span style="color:#51930B">marcin.kuczera@leon.pl</span></a></span></span><o:p></o:p></p>
<p style="line-height:10.5pt"><span class="txt"><b><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">Leon
Sp. z o.o.</span></b></span><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><br>
</span><span class="txt"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">ul.
Kilińskiego 33d, 44-200 Rybnik
</span></span><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><br>
<a moz-do-not-send="true" href="http://www.leon.pl/"
id="website-input"><span style="color:#51930B">http://www.leon.pl/</span></a></span><o:p></o:p></p>
<p class="txt1" style="line-height:10.5pt"
id="disclaimer-input"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">INTERNET
| TELEWIZJA | TELEFON</span><o:p></o:p></p>
<p style="line-height:10.5pt"><span class="txt"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">KRS
0000223101 Sąd Rejonowy w Gliwicach</span></span><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999"><br>
<span class="txt">Kapitał zakładowy 282.500 zł</span><br>
<span class="txt">NIP: 6332068698</span></span><o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif""><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">--
<o:p></o:p></span></p>
<p style="line-height:10.5pt"><span class="txt"><b><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">Marcin
Kuczera</span></b></span><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">
/
<span class="txt">Wiceprezes Zarządu / CTO<br>
+48 32 440 80 71/ <a moz-do-not-send="true"
href="mailto:marcin.kuczera@leon.pl" id="email-input"><span
style="color:#51930B">marcin.kuczera@leon.pl</span></a></span><o:p></o:p></span></p>
<p style="line-height:10.5pt"><span class="txt"><b><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">Leon
Sp. z o.o.</span></b></span><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><br>
</span><span class="txt"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">ul.
Kilińskiego 33d, 44-200 Rybnik
</span></span><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><br>
<a moz-do-not-send="true" href="http://www.leon.pl/"
id="website-input"><span style="color:#51930B">http://www.leon.pl/</span></a><o:p></o:p></span></p>
<p class="txt2" style="line-height:10.5pt"
id="disclaimer-input"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">INTERNET
| TELEWIZJA | TELEFON<o:p></o:p></span></p>
<p style="line-height:10.5pt"><span class="txt"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:#999999">KRS
0000223101 Sąd Rejonowy w Gliwicach<br>
Kapitał zakładowy 282.500 zł<br>
NIP: 6332068698</span></span><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><o:p></o:p></span></p>
</div>
</div>
</blockquote>
<br>
<br>
<div class="moz-signature">-- <br>
<p style="font-family: Helvetica, Arial, sans-serif; font-size:
12px; line-height: 14px; color: #999999;"><span id="name-input"
class="txt" style="font-weight: bold;">Marcin Kuczera</span> <span
id="title-sep">/</span> <span id="title-input" class="txt"
style="color: #999;">Wiceprezes Zarządu / CTO<span><br>
<span id="mobile-input" class="txt" style="color: #999;">+48
32 440 80 71<span id="email-sep" class="txt">/</span> <a
id="email-input" class="link email" style="color:
#51930b;" href="mailto:marcin.kuczera@leon.pl">marcin.kuczera@leon.pl</a></span></span></span></p>
<p style="font-family: Helvetica, Arial, sans-serif; font-size:
12px; line-height: 14px;"><span id="company-input" class="txt"
style="font-weight: bold; color: #999;">Leon Sp. z o.o.</span>
<span id="office-sep" class="txt" style="color: #999;"> </span>
<span id="address-sep"><br>
</span> <span id="address-input" class="txt" style="color:
#999;">ul. Kilińskiego 33d, 44-200 Rybnik </span><br>
<a id="website-input" class="link" style="color: #51930b;"
href="http://www.leon.pl/">http://www.leon.pl/</a></p>
<p id="disclaimer-input" class="txt" style="font-family:
Helvetica, Arial, sans-serif; color: #999999; font-size: 12px;
line-height: 14px;">INTERNET | TELEWIZJA | TELEFON</p>
<p style="font-family: Helvetica, Arial, sans-serif; font-size:
12px; line-height: 14px;"><span id="office-sep" class="txt"
style="color: #999;">KRS 0000223101 Sąd Rejonowy w Gliwicach<br>
<span id="mobile-input" class="txt" style="color: #999;"></span><span
id="mobile-input" class="txt" style="color: #999;"> Kapitał
zakładowy 282.500 zł<br>
<span id="mobile-input" class="txt" style="color: #999;"></span><span
id="mobile-input" class="txt" style="color: #999;"> NIP:
6332068698</span></span></span></p>
</div>
</body>
</html>