Troubleshooting NAT / PAT

Working on the ISP side at Level 3 Communications and Zayo, I always found it interesting because on the academic side they always say BGP is not really needed unless you need to do load balancing across multiple ISPs.

However, when you're actually out there in the real world, that does not seem to be how the majority do it. Basically I would say the majority use BGP even for single connections. Laz's hypothesis sounds as reasonable as any: that it's easier for the ISP, so they just go with BGP. I never really asked that question, and most of the guys and girls around me probably just followed the norm as well.

I will say that normally you only get your small subnet. The ISP will give you a /30 or /29, no questions asked. You can even get a /28 without too many issues. However, if I remember correctly, you start having to submit an IPJ (IP Justification Form) at /28 and larger (larger refers to the amount of IPs, not the number, as the smaller the number the larger the amount of IPs… it's a bit backwards thinking, but that's just the jargon-type language used).

Most customers just get a peer connection and then have default routes only sent to them. By a peer connection that just means they get their 2-6 IPs of which the ISP uses one of those for their side of the connection. Then on the inside NAT is done by the customer such as in the scenario but with just a single subnet assigned to the customer.

Then some customers need more; maybe they have multiple servers. Most times we will still only go with a single subnet, but they might get a /28 or /27. They can use this for a larger NAT pool or may have some DMZ servers or equipment.

Then yet others will have exactly like the scenario or even larger. Meaning they have a subnet that they peer with the ISP, but they may have prefixes (another odd term when I first started working for an ISP, as I like to say subnets lol… but you get used to it quickly) that they purchased on their own and have registered with ARIN (if in the US) or others.

In that latter case they might have multiple prefixes, and these they would advertise through BGP with the network command, such as in the scenario. The Service Provider side is interesting and a bit different, as often they use ISIS for their IGP (which I am not as familiar with), and they use MPLS and VRF, and E-LAN and E-Line, as well as BGP.

I was a bit lost when I first got into it, but you soon get a list of commands to use to troubleshoot most of the problems that happen. It's all fiber as well, so you are troubleshooting a lot of fiber and light issues.

I am certainly not an expert on the SP side, though I do have about a year of hands-on experience with it, and I normally study at home as well, as I like learning about things and hate having unanswered questions. My favorite, though, is still the corporate enterprise side, which is what we study in regular routing and switching using IOS and IOS XE.

I did learn about IOS XR though, which is an entirely different beast, as well as Juniper and Alcatel-Lucent (I am still not an ALU fan, probably because to me it's really different. I have troubleshot BGP and MPLS on it, however, and increased the size of allowed prefixes when that was exceeded and caused BGP to stop working and go active, but it was definitely not comfortable for me).

Anyway, my consulting gig with the ISP ended, so I am not working with those technologies currently and am back in the job market and excited to see where my next employment opportunity will take me. Real-world experience combined with academic training and learning really accelerates your growth.

If you have a strong background in one area, however, I believe it makes the others easier to pick up, in minutes and hours what otherwise might take weeks or months.

Anyway, this was a nice section; I enjoyed it.

4 Likes