we had a contractor tell me there is a way to do that. I cant speak as to how he intended on doing it. hes from a cisco shop, so maybe he just assumed it would be the same. We wanted it because of geographically separate bgp routers but never went that far since our upstream bandwidth is too different between providers so we just pulled off a 24 for each one that doesnt announce on the other to handle the NAT
On Mon, Jan 15, 2018 at 1:38 PM, Dennis Burgess <[email protected]> wrote: > You can have failover, just the connections will be broke aand they will > have to be restarted. That’s it. Normally I don’t worry about that kind > of stuff. > > > > > > *Dennis Burgess** –** Network Solution Engineer – Consultant * > > MikroTik Certified Trainer/Consultant > <http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5> – > MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE > > > > For Wireless Hardware/Routers visit www.linktechs.net > > Radio Frequency Coverages: www.towercoverage.com > > Office: 314-735-0270 <(314)%20735-0270> > > E-Mail: [email protected] > > > > *From:* Af [mailto:[email protected]] *On Behalf Of *Chuck McCown > *Sent:* Monday, January 15, 2018 1:34 PM > *To:* [email protected] > *Subject:* Re: [AFMUG] IPv4 exhaust again > > > > Too bad. I am kind of scared to not have some kind of hot standby or load > sharing that will fail in a graceful manner. > > > > *From:* Dennis Burgess > > *Sent:* Monday, January 15, 2018 12:28 PM > > *To:* [email protected] > > *Subject:* Re: [AFMUG] IPv4 exhaust again > > > > MT does not do stateful failover L sorry. > > > > > > *Dennis Burgess** –** Network Solution Engineer – Consultant * > > MikroTik Certified Trainer/Consultant > <http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5> – > MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE > > > > For Wireless Hardware/Routers visit www.linktechs.net > > Radio Frequency Coverages: www.towercoverage.com > > Office: 314-735-0270 <(314)%20735-0270> > > E-Mail: [email protected] > > > > *From:* Af [mailto:[email protected] <[email protected]>] *On > Behalf Of *Chuck McCown > *Sent:* Monday, January 15, 2018 1:24 PM > *To:* [email protected] > *Subject:* Re: [AFMUG] IPv4 exhaust again > > > > I wonder if it would handle two boxes, sync them and have a nice stateful > failover mechanism? > > > > *From:* Steve Jones > > *Sent:* Monday, January 15, 2018 12:21 PM > > *To:* [email protected] > > *Subject:* Re: [AFMUG] IPv4 exhaust again > > > > srcnat is what we use. 1800 connections right now from one section of the > network > > > > On Mon, Jan 15, 2018 at 1:10 PM, Chuck McCown <[email protected]> wrote: > > What flavor of NAT does mikrotik implement? > > > > *From:* Chuck McCown > > *Sent:* Monday, January 15, 2018 12:07 PM > > *To:* [email protected] > > *Subject:* Re: [AFMUG] IPv4 exhaust again > > > > Wonder how heavy we can load that... I would want it to be able to handle > 8000 connections. > > > > *From:* Steve Jones > > *Sent:* Monday, January 15, 2018 12:05 PM > > *To:* [email protected] > > *Subject:* Re: [AFMUG] IPv4 exhaust again > > > > ccr1072 > > > > On Mon, Jan 15, 2018 at 12:59 PM, Chuck McCown <[email protected]> wrote: > > What are you using? Router NAT or a server or ? > > > > *From:* Steve Jones > > *Sent:* Monday, January 15, 2018 11:48 AM > > *To:* [email protected] > > *Subject:* Re: [AFMUG] IPv4 exhaust again > > > > Im not going to lie, we are natting at 1:300 across a handful of publics > and have little to no issue, though we really should since the customer > router double NATs > > > > On Mon, Jan 15, 2018 at 12:39 PM, Chuck McCown <[email protected]> wrote: > > I need to have about /19 worth of customers natted to as few V4s as is > needed to make it work properly. > > > > We currently have about 3 /21s I think. Don’t want to have to buy a > fourth. > > > > *From:* Dennis Burgess > > *Sent:* Monday, January 15, 2018 11:34 AM > > *To:* [email protected] > > *Subject:* Re: [AFMUG] IPv4 exhaust again > > > > Mikrotik can do that, I have a router with 20k NAT rules natting two /21s > to less than 254 ips .:) > > > > > > *Dennis Burgess** –** Network Solution Engineer – Consultant * > > MikroTik Certified Trainer/Consultant > <http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5> – > MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE > > > > For Wireless Hardware/Routers visit www.linktechs.net > > Radio Frequency Coverages: www.towercoverage.com > > Office: 314-735-0270 <(314)%20735-0270> > > E-Mail: [email protected] > > > > *From:* Af [mailto:[email protected] <[email protected]>] *On > Behalf Of *George Skorup > *Sent:* Monday, January 15, 2018 12:28 PM > *To:* [email protected] > *Subject:* Re: [AFMUG] IPv4 exhaust again > > > > Dual-stack and CGN? You can get 8:1, 16:1 or even 32:1 out of a single > public IPv4 address. Give 8 customers 8k ports each, or 16 customer 4k > ports each, 32 customers 2k ports each. That's *source* ports, so they're > not limited to 8k, 4k or 2k connections total. You have to look at in both > directions. 10.10.10.10:1024 -> 8.8.8.8:53 and 10.10.10.10:1024 -> > 8.8.4.4:53 mappings are both valid, and it obviously goes a lot deeper > than that. > > Seems to be a whole lot easier than some crazy NAT appliance that's > running the whole network. I haven't done anything like this, but I'm > considering it. I think Juniper even lets you do this with a couple > commands? Yeah, I'm too cheap for that. > > Something else to keep in mind is that most consumer grade routers still > have a fairly limited connection table. My Cambium cnPilot router I have at > home lets you adjust the max table size (up to 8192). Most are 2k or 4k. > While even a low-end MikroTik will give you >100k. > > On 1/15/2018 11:35 AM, Chuck McCown wrote: > > Planning to buy another /21 or some such thing .... again ...... > > � > > So going to attempt to NAT the whole frigging company. > > � > > Seems like I am going in reverse here. > > � > > If we can make NAT work for most customers, then that will buy us time to > build our magic V4 translator gateway box for a V6 only network.� > > � > > Any suggestions on the best way to do this? > > > > > > > > >
