Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 199
  • Last Modified:

IP Addressing

I am designing a public data network to connect branch offices of different clients, by creating a VPN for each client on the same public infrastructure. Physically, what I'm going to end up with is branch office LANs of different clients connecting into a cloud. I intend to use private IP addresses for this public network because clients will use it mostly to connect branch offices. My problem is that different clients will have overlapping IP addresses on their LANs over which I do not wish to have any influence. What technologies can I deploy that will allow clients to maintain their own IP addresses irregardless of who else is using the same addresses on the network and still be able to implement the routing correctly?
0
Wyse
Asked:
Wyse
  • 5
  • 4
1 Solution
 
afurmanCommented:
Wyse,

I think it is possible to use NAT (many-to-many) on branch routers. In this case you don't need to change addressing scheme into each branch. However, you can implement any addressing scheme in 'main' private network.
0
 
ahoffmannCommented:
if you use NAT or another technology (like l2tp), highly depends on your VPN and routers. Could you please give more descriptions/vendors about them.
0
 
WyseAuthor Commented:
Ok ahoffmann, it's like this:
I intend to use cisco 3600 and 7200 series routers at POP sites for customer aggregation with the catalyst 8510 and MGX 8850 making up the distribution and core respectively. I'm actually hoping to use MPLS technology but then I need to get my routing in order before I can deploy MPLS don't I?
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
WyseAuthor Commented:
afurman, any idea where I can read about this many-to-many NAT technology?
0
 
WyseAuthor Commented:
afurman, from what I undestand about NAT many-to-many, your router simply maps multiple local addresses to multiple global addresses. This only modifies the source addresses and still leaves me with the problem of more than one possible destination for a particular destination address.
0
 
afurmanCommented:
Wyse,

At first, you need to plan your global network with address/subnetwork ranges for all brunches. Then simple map private (internal) addresses/subnetworks trough NAT to those addresses/subnetworks which you have planned.

When, for example, a client in one brunch connects to another one in other brunch it uses IP from global address range. So, you have avoided a problem with more then one possible destination.
0
 
WyseAuthor Commented:
If a client is at one branch office and wants to connect to a host at another branch, do they have to use the global IP address of that branch or they'll just continue using the old local address of that branch and NAT will take care of the translation but substituting the destination address with a global one? I am trying to avoid a situation where clients actually have to make IP address changes to their internal systems.
0
 
afurmanCommented:
When a client at any branch office wants to connect to a client or server at another branch office it uses global IP address of that client.

Now I'm writing this comment on a PC with local address 10.1.1.13 but when somebody accesses my PC from the Internet (ICQ for example) it uses public IP. It doesn't know and it doesn't need to know my private IP.
0
 
WyseAuthor Commented:
afurman,
Makes a lot of sense that,I'm sure after a bit more reading I should get the hang of it. thanks a lot.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now