visp setup help

Unanswered Question
Nov 28th, 2012

Hi

I hope someone can confirm my plan.

We have been asked to setup a small isp for a block of flats the config we are thinking is below. My question is what is the best way to share the external ip addresses with the different flats and routers the end users will have.

100Mb link Ethernet = cisco layer 3 switch= cisco layer 2 switch= end user router

I'm planing on subnetting the ip range from our isp into smaller parts then setting up Vlans for each customer and routing the traffic out via the layer 3 switch.

Am I on the right path with this design?

Many thanks

Sent from Cisco Technical Support iPad App

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
Marwan ALshawi Thu, 11/29/2012 - 23:21

since it is going to be like an sip network/multi tenant solution provider then you need to virtualize and separate the internal private networks using vlans in l2 and vrfs in l3 per private lan
at the internet edge router you implement something called vrf-aware NAT to support and provide a shred internet ip/liink to multiple vrfs/customers
if separation not required you may use multiple vlans and inter VLAN routing with NAT on the internet edge for traffic sourced from all the internal

hope this help
if helpful rate

Sent from Cisco Technical Support iPad App

alex-mendes Fri, 11/30/2012 - 01:22

Hi Marwanshawi,

Thanks for the reply.

Separation is not required Im just looking for a way to share external IP range with different customers on site but being able to control how many IP address they can have. Example

If I have a block of IP xxx.xxx.xxx.1 / 29 from my ISP I want to be able to chop this up and give customer A xxx.xxx.xxx.1 to xxx.xxx.xxx.5 for example and customer B xxx.xxx.xxx.6 to xxx.xxx.xxx.7. How ever i want to stop Customer A from getting addresses outside of his/her assignment with out being wasteful with ip addresses

I hope I have explained this correctly

Marwan ALshawi Fri, 11/30/2012 - 10:28

In this case no need for vrf, simply use policy nating with PAT where you create acl, route map and pool of public/outside ip per customer then create a nat/par statement per customer matching the relevant acl/route map as the source and using the desired nat-pool
Using the overload keyword will make it a pat where you can provide hosts internet even if they exceed the maxim IPs in the relevant nat-pool using port translation

This is per customer and you can search fir policy nat with acl or route map for more detailed configuration but in terms of deign this is how it works

Hope this help
If helpful rate

Sent from Cisco Technical Support iPhone App

alex-mendes Fri, 11/30/2012 - 11:47

Is this not double natting as the customer will be doing nat for there private LAN behind there on routers.

Cheers

Sent from Cisco Technical Support iPad App

Marwan ALshawi Fri, 11/30/2012 - 17:18

eve though there is no problem in it
Unless this is something not supported by a client application for example
But in general they can perform their own nat and you do your nat in your end

Sent from Cisco Technical Support iPhone App

Actions

Login or Register to take actions

This Discussion

Posted November 28, 2012 at 10:50 AM
Stats:
Replies:5 Avg. Rating:
Views:470 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard