From: Hunt Lee (ciscoforme3@yahoo.com.au)
Date: Sat Nov 02 2002 - 21:18:43 GMT-3
Hello Nigel,
Thanks so much for your help!! I managed to get it working now, YAY ;-) I
didn't realized at first that it will only load balanced TCP ports, so I
shouldn't use PING to test... doh!!!
But my config works on Cisco 2500 router. Thanks again.
Regards,
H.
--- Nigel Taylor <nigel_taylor@hotmail.com> wrote: > Hunt,
> I believe you're referring to this IOS SLB which seems to specific
> to the newer Cat4xxx and 65xx products. I couldn't find anything that
> suggest this could be done with NAT on a standard (2500) model router.
>
> Here's the link I'm referring too... watch the line wrap.
>
> http://www.cisco.com/en/US/customer/products/hw/switches/ps708/products_whit
> e_paper09186a00800924fd.shtml
>
> Also, based your router config there isn't anything to binding the "virtual
> address" you mention to the NAT implementation. Also, there's nothing
> that's telling routerB(short of using a static route) to forward packets for
> the 100.x.x.x network to routerA.
>
> I'm really lost on what it is you're trying to do?
>
> Nigel
>
>
>
> ----- Original Message -----
> From: "Hunt Lee" <ciscoforme3@yahoo.com.au>
> To: "Nigel Taylor" <nigel_taylor@hotmail.com>
> Cc: <ccielab@groupstudy.com>
> Sent: Saturday, November 02, 2002 6:29 PM
> Subject: Re: Another NAT problem
>
>
> > Hi Nigel,
> >
> > I'm trying to use the TCP load balancing feature of NAT. So from the
> outside
> > there appears to be a single server at the Internal Global address
> > (100.20.1.1). And in reality, the router (RTA) is configured to perform
> > round-robin NAT translation to the three Internal Local IPs (192.168.1.2,
> > 192.168.1.3 & 192.168.1.4).
> >
> > According to CCO http://www.cisco.com/warp/customer/556/5.html , for
> outside to
> > inside, NAT should always take place before routing.
> >
> > However, from my test lab, I couldn't get the RTA to translate the packets
> when
> > outside hosts are trying to reach 100.20.1.1... don't know why.
> >
> > RTB#ping 100.20.1.1
> >
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 100.20.1.1, timeout is 2 seconds:
> > U.U.U
> > Success rate is 0 percent (0/5)
> > RTB#
> >
> >
> > RTA#sh ip nat translations
> >
> > RTA#
> >
> >
> > Regards,
> > H.
> >
> >
> > --- Nigel Taylor <nigel_taylor@hotmail.com> wrote: > Hunt,
> > > I'm a bit lost on what exactly it is you're trying to
> accomplish?
> > > I understand that you have 3 servers with mirrored content and I'm
> guessing
> > > you would like users to access any of the three devices as requested. I
> > > don't see how NAT will help you out in this situation. If you use a
> static
> > > mapping then you'll have to define a different "virtual IP" for each
> device.
> > > However, if you use port mapping then the ports will be unique(unless
> > > statically defines). Why not simply define the 3 servers in DNS this
> way
> > > the hostname(URL) resolves to any of the 3 servers. Additionally, you
> could
> > > opt for one of the content switches form Cisco, foundry, etc...
> > >
> > > HTH
> > >
> > > Nigel
> > >
> > > ----- Original Message -----
> > > From: "Hunt Lee" <ciscoforme3@yahoo.com.au>
> > > To: <ccielab@groupstudy.com>
> > > Sent: Saturday, November 02, 2002 6:25 AM
> > > Subject: Another NAT problem
> > >
> > >
> > > > Group,
> > > >
> > > > I have run into another NAT problem. This time, what I'm trying to
> > > achieve is
> > > > that I have 3 servers with mirrored content, & I want to create a
> "virtual
> > > > server" with an IP of 100.20.1.1
> > > >
> > > > ServerA (192.168.1.2/24)
> > > > \
> > > > ServerB (192.168.1.3/24)- RTA ---- RTB (207.35.14.81 /30)
> > > > /
> > > > ServerC (192.168.1.4/24)
> > > >
> > > > But when I tried to ping the Virtual IP from RTB, no NAT translation
> is
> > > taking
> > > > place, and hence the ping is unsucessful.
> > > >
> > > >
> > > > here's RTA config...
> > > >
> > > > interface FastEthernet0/0
> > > > description Inside NAT - to the 3 servers
> > > > ip address 192.168.1.1 255.255.255.0
> > > > ip nat inside
> > > > no ip route-cache
> > > > no ip mroute-cache
> > > > duplex auto
> > > > speed auto
> > > > !
> > > > interface Serial0/0
> > > > description to Outside - to RTB
> > > > ip address 207.35.14.82 255.255.255.252
> > > > ip nat outside
> > > > no ip route-cache
> > > > no ip mroute-cache
> > > > clockrate 64000
> > > >
> > > >
> > > > ip nat pool PoolOne 192.168.1.2 192.168.1.4 prefix-length 24 type
> rotary
> > > > ip nat inside destination list 5 pool PoolOne
> > > >
> > > > access-list 5 permit 100.20.1.1
> > > >
> > > >
> > > > ****** I can ping fine to the Internal local IPs of the 3 servers
> *****
> > > >
> > > > RTB#ping 192.168.1.2
> > > >
> > > > Type escape sequence to abort.
> > > > Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
> > > > !!!!!
> > > > Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36
> ms
> > > > RTB#ping 192.168.1.3
> > > >
> > > > Type escape sequence to abort.
> > > > Sending 5, 100-byte ICMP Echos to 192.168.1.3, timeout is 2 seconds:
> > > > !!!!!
> > > > Success rate is 100 percent (5/5), round-trip min/avg/max = 32/34/36
> ms
> > > > RTB#
> > > >
> > > >
> > > >
> > > > **** but when I try to ping the Virtual IP, nothing happens ****
> > > >
> > > > RTB#ping 100.20.1.1
> > > >
> > > > Type escape sequence to abort.
> > > > Sending 5, 100-byte ICMP Echos to 100.20.1.1, timeout is 2 seconds:
> > > > U.U.U
> > > > Success rate is 0 percent (0/5)
> > > > RTB#
> > > >
> > > >
> > > > RTA#sh ip nat translations
> > > >
> > > > RTA#
> > > >
> > > > Any help will be greatly appreciated.
> > > >
> > > > Regards,
> > > > H.
> > > >
> > > > http://careers.yahoo.com.au - Yahoo! Careers
> > > > - 1,000's of jobs waiting online for you!
> >
> > http://careers.yahoo.com.au - Yahoo! Careers
> > - 1,000's of jobs waiting online for you!
> >
http://careers.yahoo.com.au - Yahoo! Careers
- 1,000's of jobs waiting online for you!
This archive was generated by hypermail 2.1.4 : Tue Dec 03 2002 - 07:22:51 GMT-3