> I guess I need to read up on PPTP (sigh).
> Does the protocol work through a 1:1 NAT today?
We need a little time to check this inside VPP network (install any pptp server
inside VPP network and connect via public IPs inside VPP network between server
and client). Or if you are talking about current _iptables_ scheme? In our
current iptables scheme pptp traffic going through a dynamic NAT and 1:1 NAT
too.
> If so... what's the size of your external IPv4 pool?
We have four servers for NAT pooling, each server have one network block /24
public addressing (summary four network block by /24 using).Another two servers
have four network blocks /24 public addressing for 1:1 NAT (one server active,
second backup).
> Are you able to perform some measurements of the number of PPTP sessions?
So, are you talking about totally pps for this PPTP sessions?
> E.g. if all your PPTP sessions goes to _different_ destination addresses, a
> single IPv4 address works fine.
> But if a larger number than the number of source addresses PPTP sessions go
> to the _same_ destination address we would be in trouble.
Each inside suscriber (src_ips is different) connected to outside network
(dst_ips is different), going throught pool NAT (dynamic NAT) (nat_public_ips
is differnet, because every suscriber is hashing by iptables, as i know) and
1:1 NAT (if suscriber has this option).
Thanks!
--
Yours sincerely,
Denis Lotarev
On Wednesday, June 14, 2017, 5:24:03 PM GMT+5, <otr...@employees.org> wrote:
Hi Denis,
> We are trying to test SIP to asterisk (which outside VPP network) port 5060
> UDP and its work normaly via SNAT plugin (static and dynamic nat working
> well).Also we are trying to test SIP to yate (minimal sip server) inside VPP
> network with SNAT hairpin and its work correctly too. And also we are
> connected to yate from outside VPP network, this simply works! :-)
>
> Also we are testing FTP client from Internet Explorer Windows 10 and IRC
> client they are works well too.
That's cool!
> After that testing we need only PPTP protocol via S-NAT plugin, which not
> work today.
I guess I need to read up on PPTP (sigh).
Does the protocol work through a 1:1 NAT today?
If so... what's the size of your external IPv4 pool?
Are you able to perform some measurements of the number of PPTP sessions?
Or rather the number of sessions you have which are not UDP, TCP. And sort them
IP src, dst and protocol?
The question I want to answer is. How big must the external IPv4 pool be, for a
transport layer independent NAT to function.
E.g. if all your PPTP sessions goes to _different_ destination addresses, a
single IPv4 address works fine.
But if a larger number than the number of source addresses PPTP sessions go to
the _same_ destination address we would be in trouble.
Best regards,
Ole
_______________________________________________
vpp-dev mailing list
vpp-dev@lists.fd.io
https://lists.fd.io/mailman/listinfo/vpp-dev
