nanog mailing list archives
Re: Best Practices for Enterprise networks
From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Mon, 30 Aug 2004 00:31:33 +0000 (GMT)
On Mon, 30 Aug 2004, Fergie (Paul Ferguson) wrote:
Asymmetric paths are a fact of life in the Internet.
engineer your network to deal with that (from the enterprise perspective, not the ISP side) and it's not a problem... we have several customers in this scenario today, all work well.
- ferg -- Iljitsch van Beijnum <iljitsch () muada com> wrote: On 30-aug-04, at 0:50, Tracy Smith wrote:Hello. I am tyring to gauge what the Best Practices are for Enterprise network connections to the Internet. Specifically, to NAT or not to NAT? At what point should NAT-ting be performed ... exclusively at the Egress point or at decentralized points? What about firewalling - centralized/decentralized?Fortunately, I've never been in the position to make such decisions, but I can tell you one thing: if you have multiple connections to the internet, you had better make sure that your NATs and firewalls are
(aimed at original poster) NAT is normally a decision local to the site... "have enough ips? don't nat" "Don't have enough ips, NAT" or the ever popular: "Want to hide your internal network details, nat" I'm not sure there is a 'best practice' that really covers nat. Perhaps paying for some consulting from some of the larger consulting firms would help you address your particular issues directly?
Current thread:
- Best Practices for Enterprise networks Tracy Smith (Aug 29)
- Re: Best Practices for Enterprise networks Iljitsch van Beijnum (Aug 29)
- <Possible follow-ups>
- Re: Best Practices for Enterprise networks Fergie (Paul Ferguson) (Aug 29)
- Re: Best Practices for Enterprise networks Christopher L. Morrow (Aug 29)
- RE: Best Practices for Enterprise networks Michel Py (Aug 29)
- RE: Best Practices for Enterprise networks Fergie (Paul Ferguson) (Aug 29)