RE: Configure Nat with BGP [7:13265]

Sun, 22 Jul 2001 18:48:08 -0700 

It's the Lab mentality, Tone. You practice doing screwy things so you can
pass the lab, and you become warped in the process, and begin to believe
that doing screwy things is normal.

as an intellectual exercise, I can think of no reason why BGP wouldn't work
over GRE tunnels, but I sure as hell would not even in my worst Lab
nightmare think about trying BGP through NAT. Not even the Lab proctors
could be that sick ;->

Chuck

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Tony Medeiros
Sent: Sunday, July 22, 2001 2:35 PM
To: [EMAIL PROTECTED]
Subject: Re: Configure Nat with BGP [7:13265]


I don't think you want to do that.  If you have the bucks for 4 internet
circuits,  you should have the bucks for a firewall or another router behind
your edge router to do the nat. I doubt that this will work.  In fact,  If
you have any asymmetric routing going on at all (packets going out one
interface and returning on a different one),  It flat out won't work.

I can foresee so many issues with this setup that I wouldn't even attempt
it.  I suppose that if you had just static mappings and tweaked the BGP just
right it might work.  But if you have a circuit failure and BGP rolls over
to another interface,  it will break the sessions.  Load balancing will be a
nightmare.  So will peering.  Maybe this could be done with loopbacks and
policy routing on the inside interface pointing at the loopbacks for the
next hop...  I don't know.  It sounds too ugly even to try.  Maybe I'm
wrong,  Anybody else ever try this ???

My humble opinion......  Get a firewall or another router.

Tony M.
#6172

----- Original Message -----
From: Justin Lofton
To:
Sent: Sunday, July 22, 2001 1:02 PM
Subject: Configure Nat with BGP [7:13265]


> I'm trying to configure NAT on a router that is running BGP between 4
> internet circuits.  Can't find anything on CCO.  Which interface do I use
as
> ip nat outside? Just one or all four?  I'm confused.  Can anyone out there
> help me with this one?
>
> Thanks Everyone!
>
> Justin Lofton
> Account Executive/CCNA
> Tredent Data Systems
> [EMAIL PROTECTED]
> V: (818) 222-3770
> F: (818) 222-3778
> http://www.tredent.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=13298&t=13265
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to