07-14-2015 11:46 PM - edited 03-05-2019 01:52 AM
Hi friends,
This question is quite simple and basic but pls explain,
I know NAT is used to convrert the private to public IP, but when we have server and its need to connect to internet IN and OUT.
we have 2 ISPs using BGP and i want where exactly PRIVATE TO PUBLIC conversation happens in BGP setup.
Ex
bgp 65000
router-id <MGMT LOOPBACK>
import-route direct
undo synchronization
peer <ISP2 PE IP> as-number 9583
peer <ISP2 PE IP> description ISP2 peering
peer <ISP2 PE IP> route-policy Prefix-Out export
peer <ISP2 PE IP> route-policy Scy-Prefix-In import
peer <ISP1 PE IP> as-number 9829
peer <ISP1 PE IP> descriptionISP1 peering
peer <ISP1 PE IP> route-policy Prefix-Out export
peer <ISP1 PE IP> route-policy Pry-Prefix-In import
07-15-2015 01:50 AM
When you configure NAT you choose whether to configure it as dynamic NAT or as static NAT. With dynamic NAT the translation is built as inside/private addresses need to access outside/public addresses. Dynamic NAT can allow multiple inside/private addresses to share a single outside/public address. Dynamic NAT allows the inside/private host to initiate traffic and to receive responses from outside/public hosts. With static NAT the translation is built as it is configured and is permanent. Static NAT generally creates a one to one relationship between the inside/private and the outside/public address. Static NAT allows the inside/private host to initiate traffic and to receive responses from outside/public hosts and also allows outside/public hosts to initiate traffic to the inside/private host.
So if you have a server and it needs to be accessible from the Internet then you need to configure static NAT for this server.
I do not understand your second question. If you have 2 ISP using BGP there is not anything in the BGP setup that deals with PRIVATE to PUBLIC conversation. The address translation needs to happen before it gets to BGP.
HTH
Rick
07-15-2015 08:39 AM
Dear Richards Sir,
Thanks for the Reply.
for example we are cutomers and we have multiple branches and we have asked ISP to Provide Internet Connectivity and Also connect all the branches to the Head office using BGP protocol.
They are providing Some Private IPs ex 172.16.1.5, from that they are able to reach Internat and Also the H.O data centre.
I want To know how they are able to access internet and thier Own DC.
thanks
07-15-2015 09:01 AM
Perhaps we could provide better answers if we knew more about your environment. In your original post I thought it sounded like you connect to the ISP for direct Internet access and answered your question on that basis. In your second post you talk about the ISP connecting branch offices to the Head Office and to the Internet. This sounds more like an MPLS network. If you have contracted with the ISP for MPLS then they can set up what is essentially a private network for you which runs on the ISP infrastructure. This would allow the use of private addressing for all traffic within the branch and between branches and Head Office. In this environment the ISP can provide Internet access and in that case the address translation would be done by the ISP at the point where the traffic leaves your MPLS network and is forwarded to the Internet.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide