On 2009-03-22 06:11, Rémi Després wrote:
Brian E Carpenter, on (m/d/y) 3/20/09 2:40 PM:
Also, NAT-based multihoming has value for large international corporate
networks with dozens or hundreds of interconnection points to
the public network. It basically solves their address management
problem when dealing with multiple ISPs in multiple locations. That's
running code today.
I don't understand the configuration of this case.
Any reference to clarify it (or an explanation)?
Suppose you're operating a large international network with (to take
a random example) IPv4 1/8 as its PI prefix.
You can't just advertise 1/8 in BGP4, because in fact it is split
up into many longer prefixes for various kinds of use and various
geographies. So how do you connect your internal users to the Internet?
(We're talking about desktop users, not about servers in a DMZ.)
You have (I'm making this up) 100 different interconnects to the
public Internet around the world, across a variety of ISPs. If you
advertise longer prefixes out of 1/8 through those ISPs, life gets
highly complex if you want multihoming. Certainly you won't be able
to advertise *all* those prefixes through *all* those ISPs, so you'll need
a complex worldwide management system just for your BGP4 advertisements,
to decide which prefixes are advertised where, and what the desired backup
paths are. It can be done, but the OPEX is high.
So instead, you run NAT at every ISP connection. Your internal users get
NATted to an ISP prefix at whichever exit point their traffic happens
to reach, which automatically causes their return traffic to come through
the same ISP. That exit point is locally chosen by the local routing setup.
You don't need any worldwide coordination of the BGP4 advertisements,
because there aren't any except the ISP's normal ones. Also, traffic
flows inside your network are localised, since traffic goes out and
returns through a (reasonably) local gateway.
When one of these NATs goes down, active connections will be lost,
but IGP routing will switch users automatically to a different NAT
when they retry.
I'm sure there are people who can give a more accurate explanation
Ietf mailing list
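The mechanism described in the reply above (per-exit NAT, exit chosen by the IGP, return traffic pulled back to the same exit because the source address belongs to that ISP, and state loss plus re-selection when a NAT box fails), as an added simulation. This is not code from the thread, from the IETF, or from any vendor; the two sites, the gateway names, the IGP metrics, the port-allocation scheme and the ISP pools (RFC 5737 documentation prefixes) are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed example: the enterprise holds the PI prefix 1/8 from the thread;
# the ISP pools are RFC 5737 documentation prefixes, chosen here for illustration.
INTERNAL = ipaddress.ip_network("1.0.0.0/8")

Key = Tuple[str, int]  # (address, port)


@dataclass
class ExitNat:
    """One NAT box at one ISP interconnect (names and metrics are assumptions)."""
    name: str
    isp_pool: ipaddress.IPv4Network         # public addresses the local ISP assigned to this site
    igp_cost: Dict[str, int]                # IGP metric from each internal site to this exit
    up: bool = True
    outbound: Dict[Key, Key] = field(default_factory=dict)  # inside (ip, port) -> public (ip, port)
    inbound: Dict[Key, Key] = field(default_factory=dict)   # public (ip, port) -> inside (ip, port)
    next_port: int = 1024                   # toy port allocator, one public IP per exit

    def translate_out(self, inside: Key) -> Key:
        """SNAT: map an inside address:port to a public address:port from the ISP pool."""
        assert ipaddress.ip_address(inside[0]) in INTERNAL, "only 1/8 hosts live inside"
        if inside in self.outbound:
            return self.outbound[inside]
        public = (str(self.isp_pool[1]), self.next_port)   # first usable address of the pool
        self.next_port += 1
        self.outbound[inside] = public
        self.inbound[public] = inside
        return public

    def translate_in(self, public: Key) -> Optional[Key]:
        """Reverse translation; None if this box holds no state for the flow."""
        return self.inbound.get(public)


def choose_exit(site: str, exits: List[ExitNat]) -> Optional[ExitNat]:
    """IGP view: every live NAT originates a default route, the site follows the cheapest one.
    No coordination of 1/8 advertisements is needed anywhere in this picture."""
    live = [e for e in exits if e.up]
    return min(live, key=lambda e: e.igp_cost[site], default=None)


def exit_for_public_address(addr: str, exits: List[ExitNat]) -> Optional[ExitNat]:
    """Internet view: the ISP advertises its own pool in BGP, so a reply to a translated
    address is delivered to that ISP and hence to that ISP's NAT. Nothing else could attract it."""
    ip = ipaddress.ip_address(addr)
    return next((e for e in exits if ip in e.isp_pool), None)


def send(site: str, inside: Key, exits: List[ExitNat]) -> Optional[Tuple[str, Key]]:
    """Outbound packet from a desktop: pick the exit by IGP metric, then SNAT."""
    gw = choose_exit(site, exits)
    if gw is None:
        return None
    return gw.name, gw.translate_out(inside)


def reply(public: Key, exits: List[ExitNat]) -> Optional[Tuple[str, Key]]:
    """Return packet: routed by its destination (the public address) to the owning
    ISP's NAT. If that box is down, or has no state, the packet is lost."""
    gw = exit_for_public_address(public[0], exits)
    if gw is None or not gw.up:
        return None
    inside = gw.translate_in(public)
    return (gw.name, inside) if inside else None


def scenario() -> Dict[str, object]:
    """Two sites, two exits; then the Zurich NAT fails mid-flow."""
    exits = [
        ExitNat("ZRH-NAT", ipaddress.ip_network("203.0.113.0/24"), {"zurich": 10, "singapore": 300}),
        ExitNat("SIN-NAT", ipaddress.ip_network("198.51.100.0/24"), {"zurich": 300, "singapore": 10}),
    ]
    zrh_host, sin_host = ("1.10.0.5", 40000), ("1.200.0.9", 40001)
    out: Dict[str, object] = {}
    # Each desktop leaves through its local exit, so traffic inside the network stays local.
    out["zrh_exit"], zrh_pub = send("zurich", zrh_host, exits)
    out["sin_exit"], sin_pub = send("singapore", sin_host, exits)
    # Replies come back through the same exit purely because of the source address chosen.
    out["zrh_return"] = reply(zrh_pub, exits)
    out["sin_return"] = reply(sin_pub, exits)
    # Zurich NAT goes down: the in-flight connection is lost (its state died with the box) ...
    exits[0].up = False
    out["zrh_return_after_failure"] = reply(zrh_pub, exits)
    # ... but the IGP reconverges and the user's retry leaves via Singapore, with a new mapping.
    out["zrh_retry_exit"], zrh_pub2 = send("zurich", zrh_host, exits)
    out["zrh_retry_return"] = reply(zrh_pub2, exits)
    return out


if __name__ == "__main__":
    for step, result in scenario().items():
        print(f"{step}: {result}")
```

The model deliberately covers only outbound-initiated flows, matching the "desktop users, not servers in a DMZ" qualification: nothing on the Internet can open a connection to a 1/8 host, and a retry after failover appears to the remote peer as a brand-new client with a different source address.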