The MPLS-OPS Archive

Cell Relay Retreat>MPLS-OPS Archive>month:2001-Sep> msg00047



[Date Prev][Date Next][Thread Prev][Thread Next]  
  [Date Index][Thread Index][Author Index][Subject Index]

Re: nat at the PE

  • From: Christopher Lewis <chrlewis@cisco.com>
  • Date: Fri, 21 Sep 2001 00:41:46 -0500
  • Cc: alfred zhang <alfred.zhang@u-cyber.com>, mpls-ops@mplsrc.com
  • Resent-Date: Fri, 21 Sep 2001 03:26:08 -0400
  • To: Wulf Losee <wulf@cisco.com>
  • X-Sender: chrlewis@fargo.cisco.com

Wulf,

This comes in to play when the SP wants to offer central services or maybe 
an extranet between two customers as part of the VPN. If you consider the 
service provider just offering intranet connectivity to the customer, there 
is no need. Jeff Apcar's internal Cisco home page has excellent examples of 
this.

Chris

At 07:48 PM 9/20/2001, Wulf Losee wrote:
>Alfred:
>Why would you want to do NAT on a PE? From a customer's operational 
>standpoint the CE is where customer's physical network ends -- and most 
>customers like to have control of their IP space. From a service 
>provider's operational standpoint, would they really want NAT sucking down 
>the CPU cycles on their PE routers? -- which in turn would up their costs 
>for providing MPLS VPN services their customers. Maybe I'm missing 
>something here, but I don't see any reason in your CUG example that you'd 
>need to have NAT on the PE routers.
>
>Please note: although I work for Cisco, I'm not advocating any Cisco 
>position on this. I'm just trying to understand the technical and/or 
>operational reason why you'd ever want NAT on the PE routers.
>
>--Wulf
>
>
>At 04:24 PM 9/19/2001 +0800, alfred zhang wrote:
>>Hi guys,
>>
>>   I'm doing some testing about nat in the mpls vpn .I assumed the ISP 
>> want to provide internet access to their VPN customers only, with Closed 
>> User Group, there can be a public ip address segment that every VPN can 
>> access it. Due to IP address issue, NAT is needed somewhere in this 
>> public segment for each VPN. Can PE do this nat function?Or I have to 
>> use CE or one external NAT box.
>>
>>
>>Best regards,
>>alfred zhang
>>-------
>>The MPLS-OPS Mailing List
>>Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
>>Archive: http://www.mplsrc.com/mpls-ops_archive.shtml
>
>********************************************************
>"They that can give up essential liberty to obtain a little temporary
>safety deserve neither liberty nor safety." - Benjamin Franklin, ~1784
>********************************************************
>Wulf Losee
>Product Manager
>Cisco Systems, INSMBU
>email: wulf@cisco.com
>vox: 408.525.1493     cell: 408.406.4914
>fax: 408.525.4251     page: 800.365.4578
>********************************************************
>
>
>-------
>The MPLS-OPS Mailing List
>Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
>Archive: http://www.mplsrc.com/mpls-ops_archive.shtml

-------
The MPLS-OPS Mailing List
Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
Archive: http://www.mplsrc.com/mpls-ops_archive.shtml