You can have failover, just the connections will be broke aand they will have to be restarted. That’s it. Normally I don’t worry about that kind of stuff.
Dennis Burgess – Network Solution Engineer – Consultant MikroTik Certified Trainer/Consultant<http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5> – MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE For Wireless Hardware/Routers visit www.linktechs.net<http://www.linktechs.net/> Radio Frequency Coverages: www.towercoverage.com<http://www.towercoverage.com/> Office: 314-735-0270 E-Mail: dmburg...@linktechs.net<mailto:dmburg...@linktechs.net> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chuck McCown Sent: Monday, January 15, 2018 1:34 PM To: af@afmug.com Subject: Re: [AFMUG] IPv4 exhaust again Too bad. I am kind of scared to not have some kind of hot standby or load sharing that will fail in a graceful manner. From: Dennis Burgess Sent: Monday, January 15, 2018 12:28 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] IPv4 exhaust again MT does not do stateful failover ☹ sorry. Dennis Burgess – Network Solution Engineer – Consultant MikroTik Certified Trainer/Consultant<http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5> – MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE For Wireless Hardware/Routers visit www.linktechs.net<http://www.linktechs.net/> Radio Frequency Coverages: www.towercoverage.com<http://www.towercoverage.com/> Office: 314-735-0270 E-Mail: dmburg...@linktechs.net<mailto:dmburg...@linktechs.net> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chuck McCown Sent: Monday, January 15, 2018 1:24 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] IPv4 exhaust again I wonder if it would handle two boxes, sync them and have a nice stateful failover mechanism? From: Steve Jones Sent: Monday, January 15, 2018 12:21 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] IPv4 exhaust again srcnat is what we use. 1800 connections right now from one section of the network On Mon, Jan 15, 2018 at 1:10 PM, Chuck McCown <ch...@wbmfg.com<mailto:ch...@wbmfg.com>> wrote: What flavor of NAT does mikrotik implement? From: Chuck McCown Sent: Monday, January 15, 2018 12:07 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] IPv4 exhaust again Wonder how heavy we can load that... I would want it to be able to handle 8000 connections. From: Steve Jones Sent: Monday, January 15, 2018 12:05 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] IPv4 exhaust again ccr1072 On Mon, Jan 15, 2018 at 12:59 PM, Chuck McCown <ch...@wbmfg.com<mailto:ch...@wbmfg.com>> wrote: What are you using? Router NAT or a server or ? From: Steve Jones Sent: Monday, January 15, 2018 11:48 AM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] IPv4 exhaust again Im not going to lie, we are natting at 1:300 across a handful of publics and have little to no issue, though we really should since the customer router double NATs On Mon, Jan 15, 2018 at 12:39 PM, Chuck McCown <ch...@wbmfg.com<mailto:ch...@wbmfg.com>> wrote: I need to have about /19 worth of customers natted to as few V4s as is needed to make it work properly. We currently have about 3 /21s I think. Don’t want to have to buy a fourth. From: Dennis Burgess Sent: Monday, January 15, 2018 11:34 AM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] IPv4 exhaust again Mikrotik can do that, I have a router with 20k NAT rules natting two /21s to less than 254 ips .:) Dennis Burgess – Network Solution Engineer – Consultant MikroTik Certified Trainer/Consultant<http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5> – MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE For Wireless Hardware/Routers visit www.linktechs.net<http://www.linktechs.net/> Radio Frequency Coverages: www.towercoverage.com<http://www.towercoverage.com/> Office: 314-735-0270<tel:(314)%20735-0270> E-Mail: dmburg...@linktechs.net<mailto:dmburg...@linktechs.net> From: Af [mailto:af-boun...@afmug.com] On Behalf Of George Skorup Sent: Monday, January 15, 2018 12:28 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] IPv4 exhaust again Dual-stack and CGN? You can get 8:1, 16:1 or even 32:1 out of a single public IPv4 address. Give 8 customers 8k ports each, or 16 customer 4k ports each, 32 customers 2k ports each. That's *source* ports, so they're not limited to 8k, 4k or 2k connections total. You have to look at in both directions. 10.10.10.10:1024<http://10.10.10.10:1024> -> 8.8.8.8:53<http://8.8.8.8:53> and 10.10.10.10:1024<http://10.10.10.10:1024> -> 8.8.4.4:53<http://8.8.4.4:53> mappings are both valid, and it obviously goes a lot deeper than that. Seems to be a whole lot easier than some crazy NAT appliance that's running the whole network. I haven't done anything like this, but I'm considering it. I think Juniper even lets you do this with a couple commands? Yeah, I'm too cheap for that. Something else to keep in mind is that most consumer grade routers still have a fairly limited connection table. My Cambium cnPilot router I have at home lets you adjust the max table size (up to 8192). Most are 2k or 4k. While even a low-end MikroTik will give you >100k. On 1/15/2018 11:35 AM, Chuck McCown wrote: Planning to buy another /21 or some such thing .... again ...... � So going to attempt to NAT the whole frigging company. � Seems like I am going in reverse here. � If we can make NAT work for most customers, then that will buy us time to build our magic V4 translator gateway box for a V6 only network.� � Any suggestions on the best way to do this?
