Solved

IP Addressing

Posted on 2002-05-29
10
191 Views
Last Modified: 2010-04-17
I am designing a public data network to connect branch offices of different clients, by creating a VPN for each client on the same public infrastructure. Physically, what I'm going to end up with is branch office LANs of different clients connecting into a cloud. I intend to use private IP addresses for this public network because clients will use it mostly to connect branch offices. My problem is that different clients will have overlapping IP addresses on their LANs over which I do not wish to have any influence. What technologies can I deploy that will allow clients to maintain their own IP addresses irregardless of who else is using the same addresses on the network and still be able to implement the routing correctly?
0
Comment
Question by:Wyse
  • 5
  • 4
10 Comments
 
LVL 3

Expert Comment

by:afurman
Comment Utility
Wyse,

I think it is possible to use NAT (many-to-many) on branch routers. In this case you don't need to change addressing scheme into each branch. However, you can implement any addressing scheme in 'main' private network.
0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
if you use NAT or another technology (like l2tp), highly depends on your VPN and routers. Could you please give more descriptions/vendors about them.
0
 

Author Comment

by:Wyse
Comment Utility
Ok ahoffmann, it's like this:
I intend to use cisco 3600 and 7200 series routers at POP sites for customer aggregation with the catalyst 8510 and MGX 8850 making up the distribution and core respectively. I'm actually hoping to use MPLS technology but then I need to get my routing in order before I can deploy MPLS don't I?
0
 

Author Comment

by:Wyse
Comment Utility
afurman, any idea where I can read about this many-to-many NAT technology?
0
 
LVL 3

Expert Comment

by:afurman
Comment Utility
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:Wyse
Comment Utility
afurman, from what I undestand about NAT many-to-many, your router simply maps multiple local addresses to multiple global addresses. This only modifies the source addresses and still leaves me with the problem of more than one possible destination for a particular destination address.
0
 
LVL 3

Expert Comment

by:afurman
Comment Utility
Wyse,

At first, you need to plan your global network with address/subnetwork ranges for all brunches. Then simple map private (internal) addresses/subnetworks trough NAT to those addresses/subnetworks which you have planned.

When, for example, a client in one brunch connects to another one in other brunch it uses IP from global address range. So, you have avoided a problem with more then one possible destination.
0
 

Author Comment

by:Wyse
Comment Utility
If a client is at one branch office and wants to connect to a host at another branch, do they have to use the global IP address of that branch or they'll just continue using the old local address of that branch and NAT will take care of the translation but substituting the destination address with a global one? I am trying to avoid a situation where clients actually have to make IP address changes to their internal systems.
0
 
LVL 3

Accepted Solution

by:
afurman earned 100 total points
Comment Utility
When a client at any branch office wants to connect to a client or server at another branch office it uses global IP address of that client.

Now I'm writing this comment on a PC with local address 10.1.1.13 but when somebody accesses my PC from the Internet (ICQ for example) it uses public IP. It doesn't know and it doesn't need to know my private IP.
0
 

Author Comment

by:Wyse
Comment Utility
afurman,
Makes a lot of sense that,I'm sure after a bit more reading I should get the hang of it. thanks a lot.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now