Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
370
Views
0
Helpful
1
Replies

Pool ips publics ?

Go to solution
anthony.gomezz
Level 1
Level 1

‎03-06-2012 06:24 PM - edited ‎03-04-2019 03:34 PM

Hello, my ISP to me delivered a public address pool (pool of 8 ips). But I've always used all my services (mail, ftp, web, etc) published a single public IP. My question is. Benefits that would obtain if nats use each service to publish a different public ip, as do most companies? Thank you.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Vivek Ganapathi
Level 4
Level 4

‎03-06-2012 08:35 PM

Hello Anthony,

It depends now, do you have all those services running on a single box (which is not a good security practice). But if you were, then you will prefer to have only one public IP used. But if those services were residing on different boxes then it's better to have them NATted on different static public IPs. The reason behind that i feel is to reduce the overhead on the router.

I think in this way, if a traffic inbound to your FTP site dives in, then router has to translate that request based on the Port number. Assuming that the traffic hits to a same public IP with multiple services over them, then it has to go each NAT rule lines to determine which is the inside private IP to be translated based on the destination port. But if you were to NAT with different IPs then it becomes fairly simple for the router to determine.

Hope this helps.

Vivek

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Vivek Ganapathi
Level 4
Level 4

‎03-06-2012 08:35 PM

Hello Anthony,

It depends now, do you have all those services running on a single box (which is not a good security practice). But if you were, then you will prefer to have only one public IP used. But if those services were residing on different boxes then it's better to have them NATted on different static public IPs. The reason behind that i feel is to reduce the overhead on the router.

I think in this way, if a traffic inbound to your FTP site dives in, then router has to translate that request based on the Port number. Assuming that the traffic hits to a same public IP with multiple services over them, then it has to go each NAT rule lines to determine which is the inside private IP to be translated based on the destination port. But if you were to NAT with different IPs then it becomes fairly simple for the router to determine.

Hope this helps.

Vivek

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card