Best Practice for changing Routable IP Space

jlnetherland · ‎06-13-2007

We are currently changing ISPs and therefore changing our /24 routable space and was looking for some insight on how others have accomplished this.

We currently have service with Carrier A and as part of a WAN converstion to Metro Ethernet we are moving our IP service to Carrier B. I've tried to convience the higher-ups to keep both and utilize BGP so we wouldn't have to go through a transition with no luck.

The need currently is to run both during a conversion period. I have concerns over routing as we start to move translations from one network to the other. Has anyone else gone through this process and offer any insight? Is it best to purchase another firewall bundle or just make the new service another interface on existing firewalls?

Thanks.

Jon Marshall · ‎06-13-2007

Hi

As long as yur new ISP routes the new /24 to your firewall there is no reason why you cannot use the same firewall for both connections. And you can move across the translations on your firewall one at a time although you will not be able to tranlsate the same private address to 2 public ip addresses so you need to decide how easy it would be for you ie.

Inside server 192.168.5.1

Old public IP for inside server 217.10.10.1

New Public IP for inside server 231.12.12.1

If you need both translations at once then you might be better off looking for a separate firewall bundle but if you don't there is no reason why you can't use the same firewall.

HTH

Jon

anandramapathy · ‎06-14-2007

What about DMZ ? DO you have any existing DMZ & are you going in for a DMZ solution ?

How many interfaces does you firewall have ? is it a PIX or an ASA ?

If you are going to run both ISPs at the same time, then you will have to think of routing for your Links.

The Cisco firewall support 1 single route

so you may have to do a Policy route on the Current internet router to distinguish new ISp & old ISP traffic