Margaret, My previous answer to your question about Multi-CPE-Multihoming with NAT66 was incomplete, and erroneous. Sorry for that. The picture is in fact more complex.
If a private-site network has two CPEs giving access to two ISPs, the CPE via which a packet goes to the Internet depends on the intra-site routing. If this routing doesn't make sure that all packets from a given host always go to the same CPE, then TCP connections will be broken: - packets that go via a CPE different from that traversed by the the SYN packet will be OK as far as ingress filtering is concerned, but they will be discarded by their destination (having a different source address, they will not be considered as belonging to the TCP connection) - SIP or SCTP won't help because hosts don't know global addresses at which they can be reached (while with e2e preserved addresses SIP and SCTP can work). It therefore remains true that, unless some precautions in intra-site routing are taken (that need to be documented, and that are not necessarily easy to enforce), NAT66 isn't compatible with multi-CPE-multihoming. In my understanding, SAM, provided hosts support it, does bring a solution that works independently of intra-site routing properties, and does leverage the potential of SHIM6 and SCTP to maintain connections in case of failures. Regards, RD _______________________________________________ nat66 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nat66
