Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: NAT for an ISP

  • From: Dan Armstrong
  • Date: Wed Jun 04 16:11:13 2003

90% of our customers all use private address space.   We only give out
real address space to customers that have servers that need to be
visible.   We run NAT on several customer facing routers.

Cool stuff we can do is setup PPTP VPNs on the same router to give
people "access from home" to their LAN.  Same with L2TP/ILEC DSL.

Problems include:

We have a big nat pool on each router.  If some twerp customer gets
infected with some windoze crap, tracking it down can be a bit more

Until recently, the IOS could not take huge volumes of NAT without
tossing it's cookies from time to time.

We have been toying around with VRFs & NAT which was recently introduced
in the IOS, and it appears that in a NAT situation, the VRFs "leak"
between each other, which scares the crap out of me.  We are going to
wait for a couple of revisions of the IOS before looking into that


"Christopher J. Wolff" wrote:

> Hello,
> I would like to know if any service providers have built their access
> networks out using private IP space.  It certainly would benefit the
> global IP pool but it may adversely affect users with special
> applications.  At any rate, it sounds like good fodder for a debate.
> Regards,
> Christopher J. Wolff, VP CIO
> Broadband Laboratories, Inc.

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.