srcnat is what we use. 1800 connections right now from one section of the network
On Mon, Jan 15, 2018 at 1:10 PM, Chuck McCown <[email protected]> wrote:

> What flavor of NAT does mikrotik implement?
>
> *From:* Chuck McCown
> *Sent:* Monday, January 15, 2018 12:07 PM
> *To:* [email protected]
> *Subject:* Re: [AFMUG] IPv4 exhaust again
>
> Wonder how heavy we can load that... I would want it to be able to handle
> 8000 connections.
>
> *From:* Steve Jones
> *Sent:* Monday, January 15, 2018 12:05 PM
> *To:* [email protected]
> *Subject:* Re: [AFMUG] IPv4 exhaust again
>
> ccr1072
>
> On Mon, Jan 15, 2018 at 12:59 PM, Chuck McCown <[email protected]> wrote:
>
>> What are you using? Router NAT or a server or ?
>>
>> *From:* Steve Jones
>> *Sent:* Monday, January 15, 2018 11:48 AM
>> *To:* [email protected]
>> *Subject:* Re: [AFMUG] IPv4 exhaust again
>>
>> I'm not going to lie, we are natting at 1:300 across a handful of publics
>> and have little to no issue, though we really should since the customer
>> router double NATs
>>
>> On Mon, Jan 15, 2018 at 12:39 PM, Chuck McCown <[email protected]> wrote:
>>
>>> I need to have about /19 worth of customers natted to as few V4s as is
>>> needed to make it work properly.
>>>
>>> We currently have about 3 /21s I think. Don’t want to have to buy a
>>> fourth.
>>>
>>> *From:* Dennis Burgess
>>> *Sent:* Monday, January 15, 2018 11:34 AM
>>> *To:* [email protected]
>>> *Subject:* Re: [AFMUG] IPv4 exhaust again
>>>
>>> Mikrotik can do that, I have a router with 20k NAT rules natting two
>>> /21s to less than 254 ips. :)
>>>
>>> *Dennis Burgess – Network Solution Engineer – Consultant*
>>>
>>> MikroTik Certified Trainer/Consultant
>>> <http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5> –
>>> MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE
>>>
>>> For Wireless Hardware/Routers visit www.linktechs.net
>>>
>>> Radio Frequency Coverages: www.towercoverage.com
>>>
>>> Office: 314-735-0270
>>>
>>> E-Mail: [email protected]
>>>
>>> *From:* Af [mailto:[email protected]] *On Behalf Of* George Skorup
>>> *Sent:* Monday, January 15, 2018 12:28 PM
>>> *To:* [email protected]
>>> *Subject:* Re: [AFMUG] IPv4 exhaust again
>>>
>>> Dual-stack and CGN? You can get 8:1, 16:1 or even 32:1 out of a single
>>> public IPv4 address. Give 8 customers 8k ports each, or 16 customers 4k
>>> ports each, 32 customers 2k ports each. That's *source* ports, so they're
>>> not limited to 8k, 4k or 2k connections total. You have to look at it in both
>>> directions. 10.10.10.10:1024 -> 8.8.8.8:53 and 10.10.10.10:1024 ->
>>> 8.8.4.4:53 mappings are both valid, and it obviously goes a lot deeper
>>> than that.
>>>
>>> Seems to be a whole lot easier than some crazy NAT appliance that's
>>> running the whole network. I haven't done anything like this, but I'm
>>> considering it. I think Juniper even lets you do this with a couple
>>> commands? Yeah, I'm too cheap for that.
>>>
>>> Something else to keep in mind is that most consumer grade routers still
>>> have a fairly limited connection table. My Cambium cnPilot router I have at
>>> home lets you adjust the max table size (up to 8192). Most are 2k or 4k.
>>> While even a low-end MikroTik will give you >100k.
>>>
>>> On 1/15/2018 11:35 AM, Chuck McCown wrote:
>>>
>>> Planning to buy another /21 or some such thing .... again ......
>>>
>>> So going to attempt to NAT the whole frigging company.
>>>
>>> Seems like I am going in reverse here.
>>>
>>> If we can make NAT work for most customers, then that will buy us time
>>> to build our magic V4 translator gateway box for a V6 only network.
>>>
>>> Any suggestions on the best way to do this?
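
The fixed port-block scheme George Skorup describes in the quoted message (each customer gets a fixed slice of source ports on a shared public address), as an added example that is not part of the thread or any vendor's implementation. It also shows the reverse lookup, which attributes an abuse report carrying a public address and source port to one customer without per-connection logs. Assumptions: the `PortBlockPlan` class is hypothetical, the 100.64.0.0/19 and 203.0.113.0/24 pools are constructed, and ports below 1024 are kept out of the pool, so a 32:1 block is 2016 ports rather than a full 2k.

```python
import ipaddress
from typing import NamedTuple

FIRST_PORT = 1024                 # assumption: well-known ports stay out of the pool
PORT_SPACE = 65536 - FIRST_PORT   # 64512 usable source ports per public address


class Block(NamedTuple):
    public_ip: ipaddress.IPv4Address
    port_lo: int
    port_hi: int


class PortBlockPlan:
    """Deterministic ratio:1 mapping of customer addresses to port blocks."""

    def __init__(self, inside: str, outside: str, ratio: int):
        self.inside = ipaddress.ip_network(inside)
        self.outside = ipaddress.ip_network(outside)
        self.ratio = ratio
        self.block_size = PORT_SPACE // ratio
        needed = -(-self.inside.num_addresses // ratio)   # ceiling division
        if needed > self.outside.num_addresses:
            raise ValueError(f"{ratio}:1 needs {needed} public addresses, "
                             f"pool has {self.outside.num_addresses}")

    def forward(self, customer: str) -> Block:
        """Customer address -> (public address, first port, last port)."""
        idx = int(ipaddress.ip_address(customer)) - int(self.inside.network_address)
        if not 0 <= idx < self.inside.num_addresses:
            raise ValueError(f"{customer} is not in {self.inside}")
        pub_idx, slot = divmod(idx, self.ratio)
        lo = FIRST_PORT + slot * self.block_size
        return Block(self.outside[pub_idx], lo, lo + self.block_size - 1)

    def reverse(self, public_ip: str, port: int) -> ipaddress.IPv4Address:
        """Public address + source port from an abuse report -> customer."""
        pub_idx = int(ipaddress.ip_address(public_ip)) - int(self.outside.network_address)
        slot = (port - FIRST_PORT) // self.block_size
        idx = pub_idx * self.ratio + slot
        if (port < FIRST_PORT or slot >= self.ratio
                or not 0 <= pub_idx < self.outside.num_addresses
                or idx >= self.inside.num_addresses):
            raise ValueError(f"{public_ip}:{port} is not in any customer block")
        return self.inside[idx]


if __name__ == "__main__":
    plan = PortBlockPlan("100.64.0.0/19", "203.0.113.0/24", ratio=32)  # constructed
    print(plan.forward("100.64.0.33"))
    print(plan.reverse("203.0.113.1", 4000))
```

At 32:1 a /19 of customers fits exactly into a /24 of public addresses; at 8:1 the same /19 would need 1024 public addresses, and the constructor rejects the plan.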
