Free Certification Practice Tests and Study Guides
Join Us! | Login | Help




NAT QUESTION - PUBLIC IP

 
Post new topic   This topic is locked: you cannot edit posts or make replies.     |##| -> |=|     MC MCSE Certification Forums -> Windows 2000/XP/2003
View previous topic :: View next topic  
Author Message
redhatserver
Becoming a Regular
Becoming a Regular


Joined: 30 Oct 2002
Posts: 51
Location: USA

Post subject:
Posted: Mon Jun 09, 2003 6:43 pm
Reply with quote

Help others: Review your books and training products here

Hello all,i need a little help i got a question?
Ok if you are using nat and is enable in a ras server this to provide internet service to your clients,how many clients can go out trough a single public ip,tnx will apriciate a lot your help guys.
Back to top
Offline View user's profile Send private message Send e-mail
Headhunter
Moderator
Moderator


Joined: 26 Feb 2003
Posts: 5638
Location: New Zealand

Post subject:
Posted: Mon Jun 09, 2003 7:10 pm
Reply with quote

Help others: Review your books and training products here

I would say quite a lot because NAT will store the internal address and internal request port, sends it out via the public address to the destination. The destination will reply via a dynamically allocated port to the public IP. NAT stores those in it's tables. So I can see only a bandwidth problem, ofcouse a not well spec'd server can limit the connections as well
_________________
Koen
CCSI #30501 CCNP CCIP CCVP CCSP CCDP Cisco Advanced Wireless LAN Field Specialist Cisco Unity Design Specialist Cisco IP Telephony Design Specialist JNCIS-ES JNCIA-ER JNCIA-EX MCSE MCSA:Messaging
Back to top
Offline View user's profile Send private message Visit poster's website
redhatserver
Becoming a Regular
Becoming a Regular


Joined: 30 Oct 2002
Posts: 51
Location: USA

Post subject:
Posted: Mon Jun 09, 2003 8:12 pm
Reply with quote

Help others: Review your books and training products here

Tanks for your reply,i am just trying to find out an aprox on how many users can use the single public ip,i need a solution to provide at least internet service to 1000 customers with ras and nat to dialing customers.
Back to top
Offline View user's profile Send private message Send e-mail
Headhunter
Moderator
Moderator


Joined: 26 Feb 2003
Posts: 5638
Location: New Zealand

Post subject:
Posted: Mon Jun 09, 2003 8:27 pm
Reply with quote

Help others: Review your books and training products here

wow lot's of users
just checked RFC1631 but they don't mention anything about the amount of connections.
Extract from RFC:

Initial Assignment of Local and Global Addresses
A single class A address should be allocated for local networks. (See RFC 1597 [3].) This address could then be used for internets with no connection to the Internet. NAT then provides an easy way to change an experimental network to a "real" network by translating the experimental addresses to globally unique Internet addresses


mmm a single Class A, 16 miljon hosts so... I think it will be more bandwidth/resources restrictions....

_________________
Koen
CCSI #30501 CCNP CCIP CCVP CCSP CCDP Cisco Advanced Wireless LAN Field Specialist Cisco Unity Design Specialist Cisco IP Telephony Design Specialist JNCIS-ES JNCIA-ER JNCIA-EX MCSE MCSA:Messaging
Back to top
Offline View user's profile Send private message Visit poster's website
jsprague
Site Admin
Site Admin


Joined: 18 Sep 2001
Posts: 8028
Location: Portland, Or

Post subject:
Posted: Mon Jun 09, 2003 11:12 pm
Reply with quote

Help others: Review your books and training products here

There should be no limit whatsoever on the number of connections using NAT. It doesn't matter how many people are trying to access the internet, NAT will convert all addresses into a single outgoing address.

Like headhunter said, the only problem would be bandwidth and resource issues.

_________________
Did you know?
Buying discount exam vouchers saves you money and helps support this site.
Back to top
Offline View user's profile Send private message Visit poster's website
Prime60minister
Moderator
Moderator


Joined: 16 Sep 2002
Posts: 925
Location: Montreal, Quebec

Post subject:
Posted: Tue Jun 10, 2003 4:57 am
Reply with quote

Help others: Review your books and training products here

ISA server is known to have a 40 secureNAT session maximum per client. (after that, it will reset and disconnect older sessions)

This is an excerpt from M$ website:

"Internet connection sharing and network address translation are features of Windows 2000 Server that are designed to connect SOHO networks to the Internet."

Although they do not explain why, my guess is that NAT is limited in w2k. (lack of support for a bunch of protocols, encryption, etc).

It is much more interesting win Server 2003 as it lets ipsec passthrough.

Also, a NAT server that serves on a 192.168.255.x network will be limited to 254 hosts.

You can take in consideration that NAT supports multiple public IP's and multiple NIC interfaces so put in some nice INTEL PRO gigabit cards with failover and NLB, and put a nice box with one or two xeons and plug your switches in there!

(Although for the same price of such a deluxe server, you could probably get a nice Cisco box...)

_________________
mcsa, mcts
Back to top
Offline View user's profile Send private message Visit poster's website
jsprague
Site Admin
Site Admin


Joined: 18 Sep 2001
Posts: 8028
Location: Portland, Or

Post subject:
Posted: Tue Jun 10, 2003 5:05 am
Reply with quote

Help others: Review your books and training products here

So it sounds like he should use a router or other device other than Windows to use NAT and definitely use a 10.x.x.x address...
_________________
Did you know?
Buying discount exam vouchers saves you money and helps support this site.
Back to top
Offline View user's profile Send private message Visit poster's website
jsprague
Site Admin
Site Admin


Joined: 18 Sep 2001
Posts: 8028
Location: Portland, Or

Post subject:
Posted: Tue Jun 10, 2003 7:13 am
Reply with quote

Help others: Review your books and training products here

Hey Prime...

Quote:
Also, a NAT server that serves on a 192.168.255.x network will be limited to 254 hosts.


After thinking about this a little more, wouldn't this depend on the subnet mask you are using???

_________________
Did you know?
Buying discount exam vouchers saves you money and helps support this site.
Back to top
Offline View user's profile Send private message Visit poster's website
redhatserver
Becoming a Regular
Becoming a Regular


Joined: 30 Oct 2002
Posts: 51
Location: USA

Post subject:
Posted: Tue Jun 10, 2003 1:02 pm
Reply with quote

Help others: Review your books and training products here

Tankyou guys,all your opinions are very helpfull,will be doing a little search on prices now for cisco routers and also on the server that prime was recomending,and after will be making a choice of wich metod will be taking for the proyect tnx again guys for your help.
Back to top
Offline View user's profile Send private message Send e-mail
Prime60minister
Moderator
Moderator


Joined: 16 Sep 2002
Posts: 925
Location: Montreal, Quebec

Post subject:
Posted: Tue Jun 10, 2003 2:23 pm
Reply with quote

Help others: Review your books and training products here

Jason,

Subnet has definitely something to do with it. I should have been clearer.

When you buy a Linksys Nat-based router, they only guarantee you 250 host support. In this case, subnet isn't the only problem: processing is!

My guess is that a hardware based nat solution should be more robust and less expensive than an intel server with win2k server.

A SonicWall is also a great alternative to Cisco and it is almost as easy to setup than a Linksys box (with much much much more features!)

_________________
mcsa, mcts
Back to top
Offline View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   This topic is locked: you cannot edit posts or make replies.     |##| -> |=|     MC MCSE Certification Forums -> Windows 2000/XP/2003 All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum






IT Showcase