Redundancy and Load-Balancing Framework for Stateful NAT

Similar documents
Stateful Network Address Translators (NAT) Xiaohu Xu Dean Cheng IETF75, Stockholm

Considerations on NAT64 Load- Balancing

M2M Series Routers. Virtual Router Redundancy Protocol (VRRP) Configuration Whitepaper

Mail-SeCure Load Balancing

Cisco Networking Academy CCNP Multilayer Switching

CCNP Switch Questions/Answers Implementing High Availability and Redundancy

Exam F F5 BIG-IP V9.4 LTM Essentials Version: 5.0 [ Total Questions: 100 ]

IPv4/IPv6 Translation: Framework. Li, Bao, and Baker

Creating Web Farms with Linux (Linux High Availability and Scalability)

High Availability. Vyatta System

Digi Certified Transport Technician Training Course (DCTT)

Layer 3 Redundancy with HSRP By Sunset Learning Instructor Andrew Stibbards

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January

How To Load Balance On A Cisco Cisco Cs3.X With A Csono Css 3.X And Csonos 3.5.X (Cisco Css) On A Powerline With A Powerpack (C

Redundancy Design Best Practices

Introduction. Internet Address Depletion and CIDR. Introduction. Introduction

Carrier Grade NAT. Requirements and Challenges in the Real World. Amir Tabdili Cypress Consulting

Migration from Cisco GLBP to industry standard VRRPE

High Availability. Vyatta System

LOAD BALANCING WHITE PAPER OPTIONS FOR HANDLING MULTIPLE ISP LINES AT HOTELS

DHCPv6 Failover Update IETF85

TESTING & INTEGRATION GROUP SOLUTION GUIDE

DEPLOYMENT GUIDE Version 1.4. Configuring IP Address Sharing in a Large Scale Network: DNS64/NAT64

Fault Tolerance in the Internet: Servers and Routers

CGN Deployment with MPLS/VPNs

Load Balancing. Final Network Exam LSNAT. Sommaire. How works a "traditional" NAT? Un article de Le wiki des TPs RSM.

DHCP Failover: Requirements of a High-Performance System

Availability Digest. Redundant Load Balancing for High Availability July 2013

DATA CENTER. Best Practices for High Availability Deployment for the Brocade ADX Switch

Superior Disaster Recovery with Radware s Global Server Load Balancing (GSLB) Solution

VRRPv3: Object Tracking Integration

AWS Direct Connect. User Guide API Version

Introduction to HA Technologies: SSO/NSF with GR and/or NSR. Ken Weissner / kweissne@cisco.com Systems and Technology Architecture, Cisco Systems

Advanced SLB High Availability and Stateless SLB

- Redundancy and Load Balancing -

LOAD BALANCING WHITE PAPER OPTIONS FOR HANDLING MULTIPLE ISP LINES AT HOTELS

Configuring Static and Dynamic NAT Translation

High Availability and Clustering

IPv6 Roaming Behavior Analysis draft-chen-v6ops-ipv6-roaming-analysis-02

Juniper Exam JN0-343 Juniper Networks Certified Internet Specialist (JNCIS-ENT) Version: 10.1 [ Total Questions: 498 ]

Virtual PortChannels: Building Networks without Spanning Tree Protocol

Networking and High Availability

Disaster Recovery (DR) Planning with the Cloud Desktop

Cisco Expressway Basic Configuration

Volume GAJSHIELD INFOTECH PVT LTD. Wan Failover & Load Balancing. Administrative Guide

EXPEDITING ACCESS TO V6 SERVICES: GETTING WEB CONTENT AVAILABLE OVER IPV6 QUICKLY AND AT LOW COST

Astaro Deployment Guide High Availability Options Clustering and Hot Standby

VXLAN Bridging & Routing

Best Practices for Implementing High Availability for SAS 9.4

Border Gateway Protocol Best Practices

Network Level Multihoming and BGP Challenges

Networking and High Availability

An Introduction to Orange IPv6 Strategy

CONFIGURING BIG-IP LOCAL TRAFFIC MANAGER 3-Day

21.4 Network Address Translation (NAT) NAT concept

LinkProof DNS Quick Start Guide

Configuring the BIG-IP and Check Point VPN-1 /FireWall-1

Apache Tomcat Clustering

MIT s Current SIP Infrastructure. Mark Silis MIT Information Services and Technology February 2, 2006

Description: Objective: Upon completing this course, the learner will be able to meet these overall objectives:

WAN Failover Scenarios Using Digi Wireless WAN Routers

Understanding and Configuring NAT Tech Note PAN-OS 4.1

13th IFIP/IEEE International Workshop on Distributed Systems: Operations & Management

France Telecom s IPv6 Strategy. C. Jacquenet, M. Sall

Internet Engineering Task Force (IETF) Category: Standards Track. T. Reddy Cisco March 2015

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

RESILIENT NETWORK DESIGN

Configuring Dual VPNs with Dual ISP Links Using ECMP Tech Note PAN-OS 7.0

SIIT-DC: IPv4 Service Continuity for IPv6 Data Centres. Tore Anderson Redpill Linpro AS 8th Belgian IPv6 Council, Bruxelles, November 2015

Charter Text Network Design and Configuration

Canadian Securities Exchange enhances Trading Network by adding a FIX Protocol Router Appliance

Exam : EE : F5 BIG-IP V9 Local traffic Management. Title. Ver :

Load Balancing Web Proxies Load Balancing Web Filters Load Balancing Web Gateways. Deployment Guide

Introducing Reliability and Load Balancing in Mobile IPv6 based Networks

Internet Addresses (You should read Chapter 4 in Forouzan)

Configuring and Implementing A10

Simulation of High Availability Internet Service Provider s Network

Technical White Paper

ExamPDF. Higher Quality,Better service!

Managing SIP-based Applications With WAN Optimization

Network Address Translation (NAT)

Challenges in NetFlow based Event Logging

High Availability on MikroTik RouterOS

Government of Canada Managed Security Service (GCMSS) Annex A-1: Statement of Work - Firewall

Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance

IPV6 DEPLOYMENT GUIDELINES FOR. ARRIS Group, Inc.

Remote Desktop Services Overview. Prerequisites. Additional References

SCALABILITY AND AVAILABILITY

Analyzing the Internet s BGP Routing Table

A SWOT ANALYSIS ON CISCO HIGH AVAILABILITY VIRTUALIZATION CLUSTERS DISASTER RECOVERY PLAN

סילבוס -MCITP מנהלי רשתות

Routing Security Server failure detection and recovery Protocol support Redundancy

IPv6 Autoconfiguration Best Practice Document

Configuring High Availability for Embedded NGX Gateways in SmartCenter

Transcription:

Redundancy and Load-Balancing Framework for Stateful NAT draft-xu-behave-stateful-nat-standby-03 Xiaohu Xu (xuxh@huawei.com) Mohamed Boucadair (mohamed.boucadair@orange-ftgroup.com) Yiu Lee (yiu_lee@cable.comcast.com) Gang Chen (chengang@chinamobile.com) www.huawei.com IETF 77, Anaheim

Changes from -01 Some editorial changes; Two new co-authors added; 2

Motivations Due to the forthcoming IPv4 address exhaustion, CGN will be deployed more widely to share IPv4 addresses among a large number of customers. Hence, Single point of failure should be avoided so as to avoid impacting the service delivery to a large number of customers. To scale the CGN deployment better, traffic loads should be shared among a group of CGNs. This draft describe a framework for stateful NAT redundancy and load-balancing requirements. e.g., the address pool configuration and route announcement requirements. 3

Scenarios and Terminology Internal host (session initiator) NAT-1 External host (session responder) Internal Realm NAT-2 External Realm Internal realm is the network where the session initiator is located, while the external realm is the network where the session responder is located. E.g., in the case of NAT64, the internal realm is IPv6 network/internet while the external realm is IPv4 network/internet. The mechanism is suitable for all stateful CGNs, including NAT64, NAT44 (e.g., DS-Lite) and NAT46. The following will take NAT64 as an example. 4

Two Standby Modes Cold Standby To keep the NAT failover transparent to the internal hosts. In other words, when the Primary NAT fails, all the existing established sessions will be flushed out. The internal hosts are required to reestablish sessions to the external hosts; Hot Standby To keep the established sessions intact during NAT failover. In other words, when the Primary NAT fails, the Backup NAT will take over all the existing established sessions. The internal hosts are not required to re-establish sessions to the external hosts. 5

Address Pool Configuration in Cold Standby Mode The addresses for external hosts should remain as is despite NAT failover. NAT64 devices belonging to a redundancy group should be configured with an identical prefix64. To avoid the newly elected Primary from occasionally assigning an address/port pair, which had even been assigned to internal host A by the failed Primary, to internal host B. Each NAT64 device should be configured with different external address pools without any overlapping. 6

Route Announcement in Cold Standby Mode Through manual configuration or election mechanism (e.g., VRRP), one NAT router is designated as the Primary, and the other as the Backup. In the internal realm, the Primary NAT announces a route to the Prefix64. In election mode, the Backup could do nothing. In manual configuration mode, the Backup should also announce into the internal realm a route to the prefix64 with a higher enough cost or in a larger granularity for potential takeover. In either mode, once the connectivity to the external realm is lost, the Primary should withdraw the route to the Prefix64 advertised before. In the external realm, each NAT device should announce a route to its own external address pool. 7

Address Pool Configuration in Hot Standby Mode The addresses for external hosts should remain as is despite NAT failover. NAT64 devices belonging to a redundancy group should be configured with an identical Prefix64. The external addresses for internal hosts should also remain as is in the event of failover. NAT64 devices of a redundancy group should be configured with an identical external address pool and synchronize their NAT states among them. 8

Route Announcement in Hot Standby Mode Through manual configuration or election mechanism (e.g., VRRP), one is designated as the Primary, the other as the Backup. The Primary announces into the internal realm a route to the prefix64, and announces into the external realm a route to the external address pool. In election mode, the Backup could do nothing. In manual configuration mode, the Backup should also announce the same routes as those advertised by the Primary, but with a higher enough cost or in a larger granularity for potential takeover. In either mode, once the connectivity to the external or internal realm is lost, the Primary should attempt to withdraw the routes it had advertised before. 9

Load-balancing Act as the primary for group A while the backup for group B. Internal host (session initiator) NAT-1 External host (session responder) Internal Realm NAT-2 External Realm Act as the primary for group B while the backup for group A. Associate different prefix64s to different redundancy groups. Each group is associated with a distinct Prefix64. Each group is configured with a different address pool without any overlapping. Alternative: anycast? 10

Next-Step Adopt it as a new charter item? 11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information