8.1. vCGNAT Deployment Scenarios

vCGNAT supports the scenarios below that involve integration into an existing network in order to guarantee redundancy and scalability:

  1. Active/Standby

  2. Active/Active (N+1)

8.1.1. Active/Standby

../_images/active_standby.png ../_images/dark_active_standby.png

In an Active/Standby scenario, each vCGNAT node has the same NAT configuration. This same NAT configuration refers to public pool addresses, subscriber groups and rules settings.

Each vCGNAT is active and ready for operation. Neighbor devices: L3 switches or routers decide which vCGNAT is used for traffic processing. Routing protocols are used for traffic path selection, and the most commonly used protocol is Border Gateway Protocol (BGP).

The AS-path prepend option is used when routing updates pass through the second vCGNAT. The routing updates from the first vCGNAT receive a higher priority, and traffic goes through it.

In case of a failure with the first vCGNAT, the routing tables on the neighbor devices are rebuilt, and the path through the second vCGNAT is used. The Bidirectional Forwarding Detection (BFD) protocol reduces node failure response time in conjunction with BGP.

8.1.2. Active/Active (N+1)

../_images/active_active_N+1.png ../_images/dark_active_active_N+1.png

In an Active/Active (N+1) scenario, each vCGNAT node has a different configuration. Each vCGNAT is active. The NAT rules are created so that each vCGNAT can handle traffic from any subscriber inside the network, but different public pools are used, i.e., the traffic is balanced. To balance inside network (LAN) traffic, per-source balancing on the downlink L3 device is used. Neighboring devices run BGP for the announcement of routing updates. Each vCGNAT announces its subnet which corresponds to a public address pool for NAT translations. Therefore, reverse traffic from the internet always returns to the same vCGNAT node as traffic from the inside network.