Yeah, you could get simple peering to work. But think about it, 4 uplinks.
..... If you buy 4 links you usually want to utilize them right ??
Utilizing 4 links would be anything but simple. Even if you set it up to
use just one link at a time with failover. When it failed, All sessions
would be lost due to NAT state. Even though it will take BGP a little
while to converge depending on who and where you are peering. It's still
piss poor design.
All the different load balancing scenarios that I can think of would require
some really weird stuff. Most just won't work because of the statefullness
of NAT. The ones I can think of that will work would require 4 routable IP
blocks living on loopback interfaces. It's anything but simple !!
It's kinda fun to think "out of the bubble" on stuff like this. But, as
Chuck mentioned, I think the bubble bursts on this one !! :)
If anybody knows a simple way to utilize 4 links with this setup I sure
would love to see it. It would be pretty cool !!
Tony M.
#6172
----- Original Message -----
From: Erick B.
To:
Sent: Sunday, July 22, 2001 8:24 PM
Subject: RE: Configure Nat with BGP [7:13265]
> It would work and would be pretty simple. Just need to
> make sure that port 179 isn't getting translated,
> might need a static mapping, etc. Depends on whats
> going on and addressing.
>
> --- Chuck Larrieu wrote:
> > It's the Lab mentality, Tone. You practice doing
> > screwy things so you can
> > pass the lab, and you become warped in the process,
> > and begin to believe
> > that doing screwy things is normal.
> >
> > as an intellectual exercise, I can think of no
> > reason why BGP wouldn't work
> > over GRE tunnels, but I sure as hell would not even
> > in my worst Lab
> > nightmare think about trying BGP through NAT. Not
> > even the Lab proctors
> > could be that sick ;->
> >
> > Chuck
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Tony Medeiros
> > Sent: Sunday, July 22, 2001 2:35 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Configure Nat with BGP [7:13265]
> >
> >
> > I don't think you want to do that. If you have the
> > bucks for 4 internet
> > circuits, you should have the bucks for a firewall
> > or another router behind
> > your edge router to do the nat. I doubt that this
> > will work. In fact, If
> > you have any asymmetric routing going on at all
> > (packets going out one
> > interface and returning on a different one), It
> > flat out won't work.
> >
> > I can foresee so many issues with this setup that I
> > wouldn't even attempt
> > it. I suppose that if you had just static mappings
> > and tweaked the BGP just
> > right it might work. But if you have a circuit
> > failure and BGP rolls over
> > to another interface, it will break the sessions.
> > Load balancing will be a
> > nightmare. So will peering. Maybe this could be
> > done with loopbacks and
> > policy routing on the inside interface pointing at
> > the loopbacks for the
> > next hop... I don't know. It sounds too ugly even
> > to try. Maybe I'm
> > wrong, Anybody else ever try this ???
> >
> > My humble opinion...... Get a firewall or another
> > router.
> >
> > Tony M.
> > #6172
> >
> > ----- Original Message -----
> > From: Justin Lofton
> > To:
> > Sent: Sunday, July 22, 2001 1:02 PM
> > Subject: Configure Nat with BGP [7:13265]
> >
> >
> > > I'm trying to configure NAT on a router that is
> > running BGP between 4
> > > internet circuits. Can't find anything on CCO.
> > Which interface do I use
> > as
> > > ip nat outside? Just one or all four? I'm
> > confused. Can anyone out there
> > > help me with this one?
> > >
> > > Thanks Everyone!
> > >
> > > Justin Lofton
> > > Account Executive/CCNA
> > > Tredent Data Systems
> > > [EMAIL PROTECTED]
> > > V: (818) 222-3770
> > > F: (818) 222-3778
> > > http://www.tredent.com/
> [EMAIL PROTECTED]
>
>
> __________________________________________________
> Do You Yahoo!?
> Make international calls for as low as $.04/minute with Yahoo! Messenger
> http://phonecard.yahoo.com/
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=13311&t=13265
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]