cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1018
Views
0
Helpful
6
Replies

how to obtain a public ip prefix for Extranet?

yifan.wang
Level 1
Level 1

hi! I hope this is the correct forum.

I'd like to obtain a /24 public IP address block, which will be used as the NAT pool that represent our company when this company connect to other business partners via Extranet.

Thus when we advertise this prefix to other firms:

1. this IP prefix is public

2. this IP prefix is not being advertised on the internet

I called ARIN but they told me we need to be BGP multi-homed first, already using /24 and show some usage...

or we can apply for prefix from ISP

I am a little confused now. I have worked in some other place where they already own a few /24. so they advertise a few on the internet, then use the other prefix for Extranet routing.

any help is appreciated!

Eric

6 Replies 6

Jon Marshall
Hall of Fame
Hall of Fame

Eric

You could ask your ISP but chances are i would have thought they will be advertising this to the internet.

This extranet, how is it being created ie. is it a closed network that only the extranet partners connect into or is it run over the Internet - i'm guessing not as you don't want it advertised on the internet.

Have you considered using a private IP address space that is unique among all the extranet partners ?

Jon

using private IP is out of question. The prefix must be able to safely leak into any business partner's internal routing table.

1. must be public to avoid conflict with RFC1918

2. must not be advertised on internet. otherwise traffic to our prefix must go over the internet

How are you connecting to the internet? DSL? dedicated circuit (Frame, P2P, etc)?

depending on your internet connection, and your provider, you may not be able to get a full class C, in my experience you really shouldn't need that large of an adress space. Either way, you will probably have to justify the amount of addresses you are asking for and fill out an ARIN end-user network request (http://www.arin.net/registration/templates/index.html) your ISP should provide you with one.

You should not need to do anything with BGP unless you are already using BGP to advertise your existing public address space.

Your business partners are requesting you do this because they do not want a conflict with any of their other customer connections. I would assume that your connectivity to your partners will be through VPN, to/from a public IP you already have. Even though your new addresses need to be public and internet routable your partners won't necessarily be using internet routing to access your new block, they will create routing entries in their firewalls and VPN devices to route any traffic to your new block through a VPN pointing at your existing IP address.

I have set up many of these types of connections and would be happy to discuss this off line if you like.

kevin:

thanks a lot! I think it's better explained over the phone.

I am at 212 407 5008 or i can call you

thanks again

Eric Wang

Eric,

I am at a customer site, it would be better if you could call me. I have attached a simple diagram I just threw together to help explain things.

Kevin.

612-291-8062

attachement

Review Cisco Networking for a $25 gift card