North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: intranet
At 07:44 AM 8/20/98 PDT, Vince Fuller wrote: You might want to check out: Enabling Enterprise Multihoming with Cisco IOS Network Address Translation (NAT) http://www.cisco.com/warp/public/732/net_foundation/emios_wp.htm as well as: http://www.academ.com/nanog/feb1998/nat/index.html -Hank >> At 05:43 PM 8/18/98 +0800, [email protected] wrote: >... >> >Proposed Solution: >> > >> >The 7010 router will be connected to the 2 ISPs. The 7010 will be upgraded >> >to an IOS that supports NAT; all IP address behind the 7010 will be treated >> >as internal IP addresses (to reduce reconfiguration). IP address subnets >> >from both ISPs will be NAT-mapped to internal IP addresses over the 7010, >> >including the DNS server and the mail server. >> > >> >The DNS will be configured to use their DNS as the primary name server. >> >The 2 ISPs' name servers will be used as secondary name servers. >> > >> >The mail server will be configured to have 2 IP address, one actual and one >> >virtual IP address using the network card. The DNS will have an MX 10 and >> >an MX 20, each pointing to one IP addresses for the network card. >> > >> > >> >Is this solution possible? Will it work? Did I forget anything? Any tips? >> >> That is one way to do it .. another and I think a BETTER way would be to >> only use 1 set of ip's ( a set that is "portable" ) and talk bgp with both >> providers. This way you can move the traffic in the most efficient way . If >> you take routes from both of em you may get a better path to site X from >> provider a and a better path to site Y from provider B . >> >> This way if provider a goes down the BGP will move trafic of the link that >> is still "GOOD" > >The NAT approach has the obvious advantage of being more "CIDR-friendly" >to the "global Internet". It is probably somewhat more complicated, but if >implemented correctly, it should provide reasonable redundancy and load- >sharing just like a "portable" address space solution. > > --Vince > >
|