Bgp – Multihomed BGP and NAT

bgpnat;

I'm aiming to build the following network (might need to open image in new tab due to width):

sample network

Assume those BGP links are different ISPs
- Same ASN is advertised to both ISPs
- Sites are interconnected via private line
- BGP default routes only
- We have a /24 (public address space)
- EDIT: I should add that we're already advertising this /24 with BGP at siteA. So I'm essentially looking to add SiteB
Server 1 is accessible on the internet via NAT

My Question: I'm hoping to expose Server 1 via the same public IP regardless of which ISP a client comes in through. So therefore, I'm assuming the accepted method is to have the same NAT rules on both routers? Is this possible? What are the downsides to this?

Best Answer

This won't work the way you describe it. Each connection has its own public IP belonging to your ISPs. You'll need public IP space (typically called PI space - provider indepentent) which you can advertise via BGP to both your ISP's at the same time.

The setup you describes doesn't have a shared public address between the two connections and your ISPs won't route eachothers addresses, so what you're describing is a server which is reachable through two networks on two different IP addresses. NAT rules can't solve this for you.

Related Solutions

Bgp – load balance between two ISP bgp links

You didn't mention vendor, but if Cisco IOS, you can use:

router bgp 43792
  bgp bestpath as-path multipath-relax
  address-family ipv4
    maximum-paths 2
  !
!

multipath-relax is needed as normally you'll only multipath with same as-path routes.

I'm personally strongly against carrying default routes via dynamic routing-protocols, there simply isn't any need, as long as you operate platform which supports recursive static routes.

Consider your operator router gets disconnect from their core, then you still receive the default route and your traffic is blackholed until you manually intervene. However if they'd send you some candidate route, perhaps their own PA block or maybe few PA blocks crucial to you, you could add static default routes towards these networks, if edge box is disconnected from core, the aggregate network is gone, and you can converge without manual intervention.

Cisco – Inbound BGP load-balancing from same ISP router

I would ask for 'maximum-paths' (it's usually called ECMP in standards and documents, not ECLB). And if ECMP is non-starter, then fallback to your /25 plan.

Other acronyms that I couldn't immediately figure out were DIA (dedicated internet access?) and SOP (standard operating procedure?). I'm not sure if these are really so universal acronyms that they should be used in stackexchange without at least hovertext to resolve them.

Best Answer

Related Solutions

Bgp – load balance between two ISP bgp links

Cisco – Inbound BGP load-balancing from same ISP router

Related Topic