On 2009-03-22 06:11, Rémi Després wrote:
> Brian E Carpenter - on (m/d/y) 3/20/09 2:40 PM:
...
>> Also, NAT-based multihoming has value for large international corporate
>> networks with dozens or hundreds of interconnection points to
>> the public network. It basically solves their address management
>> problem when dealing with multiple ISPs in multiple locations. That's
>> running code today.
>>
>>
> I don't understand the configuration of this case.
> Any reference to clarify it (or an explanation)?

Suppose you're operating a large international network with (to take
a random example) IPv4 1/8 as its PI prefix.

You can't just advertise 1/8 in BGP4, because in fact it is split
up into many longer prefixes for various kinds of use and various
geographies. So how do you connect your internal users to the Internet?
(We're talking about desktop users, not about servers in a DMZ.)

You have (I'm making this up) 100 different interconnects to the
public Internet around the world, across a variety of ISPs. If you
advertise longer prefixes out of 1/8 through those ISPs, life gets
highly complex if you want multihoming. Certainly you won't be able
to advertise *all* those prefixes through *all* those ISPs, so you'll need
a complex worldwide management system just for your BGP4 advertisements,
to decide which prefixes are advertised where, and what the desired backup
paths are. It can be done, but the OPEX is high.

So instead, you run NAT at every ISP connection. Your internal users get
NATted to an ISP prefix at whichever exit point their traffic happens
to reach, which automatically causes their return traffic to come through
the same ISP. That exit point is locally chosen by the local routing setup.
You don't need any worldwide coordination of the BGP4 advertisements,
because there aren't any except the ISP's normal ones. Also, traffic
flows inside your network are localised, since traffic goes out and
returns through a (reasonably) local gateway.

When one of these NATs goes down, active connections will be lost,
but IGP routing will switch users automatically to a different NAT
when they retry.

I'm sure there are people who can give a more accurate explanation
than that.

    Brian
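
The behaviour described in the message above, as a small added simulation (not part of the original message and not any operator's tooling): the exit is chosen by local IGP cost, the source is translated into that exit's ISP prefix, replies follow the ISP's own advertisement back to the same exit, and a failed NAT drops its state so a retry lands on the next-cheapest exit. Site names, costs, and all addresses (documentation ranges and a private inside address) are constructed for illustration.

```python
import ipaddress

# Constructed topology (not from the original message): three exits, each
# with an ISP-assigned prefix and per-site IGP costs.
EXITS = {
    "london":   {"isp_prefix": ipaddress.ip_network("192.0.2.0/24"),
                 "igp_cost": {"paris": 10, "tokyo": 90}},
    "new_york": {"isp_prefix": ipaddress.ip_network("198.51.100.0/24"),
                 "igp_cost": {"paris": 40, "tokyo": 70}},
    "osaka":    {"isp_prefix": ipaddress.ip_network("203.0.113.0/24"),
                 "igp_cost": {"paris": 95, "tokyo": 5}},
}

class Network:
    def __init__(self, exits):
        self.exits = exits
        self.up = set(exits)   # exits currently reachable in the IGP
        self.nat = {}          # (exit, public_ip, public_port) -> inside (ip, port)
        self.next_port = 20000

    def choose_exit(self, site):
        """Local IGP decision: cheapest exit that is still up."""
        return min(self.up, key=lambda e: self.exits[e]["igp_cost"][site])

    def send_out(self, site, inside_ip, inside_port):
        """Translate at whichever exit the traffic happens to reach."""
        exit_name = self.choose_exit(site)
        public_ip = str(next(iter(self.exits[exit_name]["isp_prefix"].hosts())))
        self.next_port += 1
        key = (exit_name, public_ip, self.next_port)
        self.nat[key] = (inside_ip, inside_port)
        return key

    def return_path(self, public_ip, public_port):
        """Replies are routed by the ISP's normal advertisement only."""
        addr = ipaddress.ip_address(public_ip)
        for name, e in self.exits.items():
            if addr in e["isp_prefix"]:
                # None means the NAT has no state: the connection is lost.
                return name, self.nat.get((name, public_ip, public_port))
        return None, None

    def fail(self, exit_name):
        """A NAT going down loses its state; the IGP stops using that exit."""
        self.up.discard(exit_name)
        self.nat = {k: v for k, v in self.nat.items() if k[0] != exit_name}
```
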