NAT Solution

Discussion in 'Cisco' started by joespoolhall@gmail.com, Apr 10, 2009.

  1. Guest

    We're needing to implement a solution whereby we can reroute traffic
    based on source address to a different resource. Basically, the
    default behavior would let the packet route to the normal destination,
    but anyone configured in a list would be shunted off to an alternate
    resource.

    We could do this via layer 3 or layer 4 translation of some sort, or
    even a set-next-hop sort of arrangement. I'm trying to stay away from
    source-based routing, because we're talking about approximately
    400Mbps worth of traffic here, so I want it to be as resource-friendly
    as possible. We've got some fairly beefy hardware at our disposal
    (Cat6500 w/SUP720,PFC3,MSFC3) so I'm wondering what can be leveraged.

    The list of sources will likely be around 50,000-100,000 entries long
    and updated by an external source. I looked at the Cisco ACE module,
    but it can't do it via traditional NAT processes due to the logic flow
    and its route-map features would be limited to 16,000 entries.

    At this point, I'd be willing to use something Cisco or non-Cisco to
    accomplish this task. Are there any recommendations?
     
    , Apr 10, 2009
    #1

  2. Thrill5 Guest

    I think you need to come up with a new solution because I don't know of any
    device that would be able to do this. What is it that you are trying to
    accomplish? This is so wrong on so many levels... How would you even
    manage a list of 50 to 100 thousand source addresses?

     
    Thrill5, Apr 11, 2009
    #2

  3. Guest

    The updates will be automatically generated, based on metrics
    determined by a daemon. With the Cisco ACE module, you can feed it
    configuration updates via XML. There's got to be a way...


     
    , Apr 13, 2009
    #3
  4. Thrill5 Guest

    But what is it you are trying to do? Why do you need to route traffic based on
    source address? There is more than one way to do anything and the method
    you have suggested is not workable. If you provide more information someone
    can come up with a better solution. For example, why not send the traffic
    directly to the correct destination using GSLB or if this is an HTTP
    application you can write a CGI to issue a redirect to the correct
    destination.

     
    Thrill5, Apr 14, 2009
    #4
  5. tweety Guest



    Define an access list capturing the source addresses, then do a route
    map setting next hop to the new route?
     
    tweety, Apr 18, 2009
    #5
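
The access-list plus route-map approach suggested in post #5, as an added example that is not part of the original thread: a Python script that validates an externally supplied source list, collapses it into CIDR prefixes and emits the IOS policy-routing lines. The ACL and route-map names, the next hop 10.0.0.2, the sample addresses, the minimum prefix length and the use of the 16,000 figure from post #1 as an entry budget are all assumptions.

```python
import ipaddress

ENTRY_BUDGET = 16000  # assumption: reuse the 16,000-entry figure quoted in post #1

def collapse_sources(addresses, min_prefixlen=16):
    """Validate each entry, drop duplicates, merge neighbours into CIDR prefixes."""
    nets = set()
    for raw in addresses:
        text = raw.strip()
        if not text:
            continue
        net = ipaddress.IPv4Network(text)  # raises ValueError on malformed input
        if net.prefixlen < min_prefixlen:
            # The list comes from an external feed: refuse entries broad
            # enough to redirect large parts of the address space.
            raise ValueError(f"entry too broad: {net}")
        nets.add(net)
    return list(ipaddress.collapse_addresses(nets))

def acl_line(net):
    """One extended-ACL entry; IOS ACLs take a wildcard (host) mask."""
    if net.prefixlen == 32:
        return f" permit ip host {net.network_address} any"
    return f" permit ip {net.network_address} {net.hostmask} any"

def build_pbr_config(addresses, next_hop, acl="REDIRECT-SOURCES",
                     rmap="REDIRECT", budget=ENTRY_BUDGET):
    """Return (prefixes, config text); fail closed if the list will not fit."""
    nets = collapse_sources(addresses)
    if len(nets) > budget:
        raise ValueError(f"{len(nets)} entries exceed budget of {budget}")
    hop = ipaddress.IPv4Address(next_hop)
    lines = [f"ip access-list extended {acl}"]
    lines += [acl_line(n) for n in nets]
    # Sources that do not match the ACL fall through to normal routing.
    lines += [f"route-map {rmap} permit 10",
              f" match ip address {acl}",
              f" set ip next-hop {hop}"]
    return nets, "\n".join(lines)

# Constructed sample feed (documentation ranges): 256 adjacent hosts,
# one duplicate host and one adjacent pair.
SAMPLE = [f"198.51.100.{i}" for i in range(256)] + [
    "192.0.2.7", "192.0.2.7", "203.0.113.8", "203.0.113.9"]

if __name__ == "__main__":
    prefixes, config = build_pbr_config(SAMPLE, "10.0.0.2")
    print(f"{len(SAMPLE)} feed entries -> {len(prefixes)} ACL entries")
    print(config)  # apply on the ingress interface with: ip policy route-map REDIRECT
```

How far a real list of 50,000-100,000 sources shrinks depends entirely on how clustered the addresses are; scattered hosts do not aggregate.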