Hello;

Im interested to know when and why should I use dynamic routing (such as RIP) between my border router and ISP?

Thanks

James

For Internet connections the only routing protocol you would ever run with your ISP is BGP, and then usually only when you have multiple connections to the Internet.

Or, if you have an MPLS service for your WAN you could run a dynamic protocol to propagate your routes between sites via your ISP.

_________________
blog.brokennetwork.ca

We use OSPF across our WAN sites. Dark Fibre makes the whole caper a lot easier.

_________________
Weblog -http://blog.ciscoinferno.net/
Twitter -@pandom_

Even if you have two connections. One might be a backup so a static route would suffice.

If you're multihomed and using both at the same time then yeah, BGP for sure.

Sent via mobile internet.

_________________
- Pete

Great. Thank you all for your contribution. Another question. Lets say I am a very stupid person, and I configure my CPE to distribute a 173.14.18.0 /24 address range via DHCP for my local area network adapters. There would be consequences for this, right? We can only use the three private ranges for our LANs. That's the law, right? But what if I NAT the connection to my ISP? Would it work then? This issue bugs me a bit.

(I would open a brand new topic for this, but I dont want to spam your post structure)

Thanks

James

There's no law that you have to use private IPs internally.

_________________
blog.brokennetwork.ca

If you did that, some things hosted via comcast wouldn't work any more.

_________________
- Pete

But is it common? Would you do it in your company, for your client? Of course you could do it, but I mean Ive heard that some routers wont even let you configure them with ranges other than the private ones. Ive never heard of anyone that did something like that. Even in the most basic Cisco labs they dont address the computers in a LAN outside of the three private ranges.

IBM uses their 9.0.0.0/8 to address their workstations on their internal network (I used to work there). I've also worked other places that use their public IPs internally.

This is actually how IPv4 was designed. NAT is a klugy workaround that never existed in the first place. IPv6 is also designed to not use NAT and there's no such things as "private IP"s as well.

_________________
blog.brokennetwork.ca

Ok. So, lets say I have a NATted LAN with a 5.5.5.5/24 computer on it. Would this computer be able to access a remote server with a 5.5.5.5 public IP?

No.

See, if you use public IPs in your own LAN, it needs to be IPs you own. If someone else owns them, which is what would be the case in your example, you're not going to be able to reach the services offered by the real owner.

_________________
blog.brokennetwork.ca

So the only way for me to use any address range outside the private ones is to own them. In the other hand, I could use the public IPs inside the LANs without owning them, but then calling myself a network administrator would be a lie.

_________________
www.mellowd.co.uk/ccie/

Thank you all, I the matter is clearer to me a bit now. Mr. Mellowd Im going to bookmark your page . So, Im using a public IP range in my LAN (150.25.25.0/24). I own that range (well, not really but for the sake of the question). My ISP would route this range via BGP to my border router, and my border router would then use static NAT to forward packets addressed to those addresses to my LAN? How would my router be configured?
Would it be like this:

MY BORDER ROUTER
ISP---------150.25.25.0/24----------fa0/0----------------fa0/1 to some private address range - LAN

Or:

MY BORDER ROUTER
ISP---------different public IP--------fa0/0----------------fa0/1 to 150.25.25.0/24 - LAN

Or would I just use multiple IPs (on a CISCO interface IP secondary command) on the fa0/0 interface?

I am currently looking at a customer's network that has 169.254.0.0/16 configured at their main site. Can you believe it? They have about 30 devices and then I said they need to change it they said it would take 3 months....

How your ISP routes that traffic to you does not have to be BGP.

I'll take one of my customers as an example. They have their own /22 public PI range. On my edge I advertise reachability to this /22 to my peers via BGP. How I route to the customer can be via any protocol. Either BGP or an IGP. In my case we have a managed router on site. This router belongs to us and has a private /30 on the 'WAN' side and a /30 from the /22 on the 'LAN' side. This goes to the customers firewall where he does what he wants.

My router on site advertises the /22 as an area range command into my core.

And so my core has an OSPF route to the /22 via the /30 management address. My edge routers advertise this range via BGP because they have reachability to that range via OSPF.


So if you had a public /24, I would NOT be using the entire /24 on the WAN side because now the subnet belongs on that link. Either use a private /30 between you and the ISP, or subnet your /24 and use only a /30 (or better a /31) of your /24 on the WAN side. Keep the rest of your addresses on the LAN side.

NAT should NOT be used as your addresses are public already.

_________________
www.mellowd.co.uk/ccie/

Ugh, twas a busy peroid, Im sorry for not getting back to you earlier anyhow I thank you for your help mr. Mellowd. Kudos to you.