From: Tasuka Amano Hsu (tasuka@mac.com)
Date: Fri Nov 08 2002 - 05:21:12 GMT-3
I believe your RTB does not any idea to got to host IP addrss
100.20.1.1, you need to add a route to let your RTB known it!
Best Regards
Tasuka
On Sunday, Nov 3, 2002, at 20:07 Asia/Taipei, Adam Crisp wrote:
> please can you post your working config?
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Hunt Lee
> Sent: 03 November 2002 00:19
> To: Nigel Taylor
> Cc: ccielab@groupstudy.com
> Subject: Re: Another NAT problem
>
>
> Hello Nigel,
>
> Thanks so much for your help!! I managed to get it working now, YAY
> ;-) I
> didn't realized at first that it will only load balanced TCP ports, so
> I
> shouldn't use PING to test... doh!!!
>
> But my config works on Cisco 2500 router. Thanks again.
>
> Regards,
> H.
>
>
> --- Nigel Taylor <nigel_taylor@hotmail.com> wrote: > Hunt,
>> I believe you're referring to this IOS SLB which seems to
> specific
>> to the newer Cat4xxx and 65xx products. I couldn't find anything that
>> suggest this could be done with NAT on a standard (2500) model router.
>>
>> Here's the link I'm referring too... watch the line wrap.
>>
>>
> http://www.cisco.com/en/US/customer/products/hw/switches/ps708/
> products_whit
>> e_paper09186a00800924fd.shtml
>>
>> Also, based your router config there isn't anything to binding the
> "virtual
>> address" you mention to the NAT implementation. Also, there's
>> nothing
>> that's telling routerB(short of using a static route) to forward
>> packets
> for
>> the 100.x.x.x network to routerA.
>>
>> I'm really lost on what it is you're trying to do?
>>
>> Nigel
>>
>>
>>
>> ----- Original Message -----
>> From: "Hunt Lee" <ciscoforme3@yahoo.com.au>
>> To: "Nigel Taylor" <nigel_taylor@hotmail.com>
>> Cc: <ccielab@groupstudy.com>
>> Sent: Saturday, November 02, 2002 6:29 PM
>> Subject: Re: Another NAT problem
>>
>>
>>> Hi Nigel,
>>>
>>> I'm trying to use the TCP load balancing feature of NAT. So from the
>> outside
>>> there appears to be a single server at the Internal Global address
>>> (100.20.1.1). And in reality, the router (RTA) is configured to
>>> perform
>>> round-robin NAT translation to the three Internal Local IPs
> (192.168.1.2,
>>> 192.168.1.3 & 192.168.1.4).
>>>
>>> According to CCO http://www.cisco.com/warp/customer/556/5.html , for
>> outside to
>>> inside, NAT should always take place before routing.
>>>
>>> However, from my test lab, I couldn't get the RTA to translate the
> packets
>> when
>>> outside hosts are trying to reach 100.20.1.1... don't know why.
>>>
>>> RTB#ping 100.20.1.1
>>>
>>> Type escape sequence to abort.
>>> Sending 5, 100-byte ICMP Echos to 100.20.1.1, timeout is 2 seconds:
>>> U.U.U
>>> Success rate is 0 percent (0/5)
>>> RTB#
>>>
>>>
>>> RTA#sh ip nat translations
>>>
>>> RTA#
>>>
>>>
>>> Regards,
>>> H.
>>>
>>>
>>> --- Nigel Taylor <nigel_taylor@hotmail.com> wrote: > Hunt,
>>>> I'm a bit lost on what exactly it is you're trying to
>> accomplish?
>>>> I understand that you have 3 servers with mirrored content and I'm
>> guessing
>>>> you would like users to access any of the three devices as
>>>> requested.
> I
>>>> don't see how NAT will help you out in this situation. If you use a
>> static
>>>> mapping then you'll have to define a different "virtual IP" for each
>> device.
>>>> However, if you use port mapping then the ports will be
>>>> unique(unless
>>>> statically defines). Why not simply define the 3 servers in DNS
>>>> this
>> way
>>>> the hostname(URL) resolves to any of the 3 servers. Additionally,
>>>> you
>> could
>>>> opt for one of the content switches form Cisco, foundry, etc...
>>>>
>>>> HTH
>>>>
>>>> Nigel
>>>>
>>>> ----- Original Message -----
>>>> From: "Hunt Lee" <ciscoforme3@yahoo.com.au>
>>>> To: <ccielab@groupstudy.com>
>>>> Sent: Saturday, November 02, 2002 6:25 AM
>>>> Subject: Another NAT problem
>>>>
>>>>
>>>>> Group,
>>>>>
>>>>> I have run into another NAT problem. This time, what I'm trying to
>>>> achieve is
>>>>> that I have 3 servers with mirrored content, & I want to create a
>> "virtual
>>>>> server" with an IP of 100.20.1.1
>>>>>
>>>>> ServerA (192.168.1.2/24)
>>>>> \
>>>>> ServerB (192.168.1.3/24)- RTA ---- RTB (207.35.14.81 /30)
>>>>> /
>>>>> ServerC (192.168.1.4/24)
>>>>>
>>>>> But when I tried to ping the Virtual IP from RTB, no NAT
>>>>> translation
>> is
>>>> taking
>>>>> place, and hence the ping is unsucessful.
>>>>>
>>>>>
>>>>> here's RTA config...
>>>>>
>>>>> interface FastEthernet0/0
>>>>> description Inside NAT - to the 3 servers
>>>>> ip address 192.168.1.1 255.255.255.0
>>>>> ip nat inside
>>>>> no ip route-cache
>>>>> no ip mroute-cache
>>>>> duplex auto
>>>>> speed auto
>>>>> !
>>>>> interface Serial0/0
>>>>> description to Outside - to RTB
>>>>> ip address 207.35.14.82 255.255.255.252
>>>>> ip nat outside
>>>>> no ip route-cache
>>>>> no ip mroute-cache
>>>>> clockrate 64000
>>>>>
>>>>>
>>>>> ip nat pool PoolOne 192.168.1.2 192.168.1.4 prefix-length 24 type
>> rotary
>>>>> ip nat inside destination list 5 pool PoolOne
>>>>>
>>>>> access-list 5 permit 100.20.1.1
>>>>>
>>>>>
>>>>> ****** I can ping fine to the Internal local IPs of the 3 servers
>> *****
>>>>>
>>>>> RTB#ping 192.168.1.2
>>>>>
>>>>> Type escape sequence to abort.
>>>>> Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2
>>>>> seconds:
>>>>> !!!!!
>>>>> Success rate is 100 percent (5/5), round-trip min/avg/max =
>>>>> 32/33/36
>> ms
>>>>> RTB#ping 192.168.1.3
>>>>>
>>>>> Type escape sequence to abort.
>>>>> Sending 5, 100-byte ICMP Echos to 192.168.1.3, timeout is 2
>>>>> seconds:
>>>>> !!!!!
>>>>> Success rate is 100 percent (5/5), round-trip min/avg/max =
>>>>> 32/34/36
>> ms
>>>>> RTB#
>>>>>
>>>>>
>>>>>
>>>>> **** but when I try to ping the Virtual IP, nothing happens ****
>>>>>
>>>>> RTB#ping 100.20.1.1
>>>>>
>>>>> Type escape sequence to abort.
>>>>> Sending 5, 100-byte ICMP Echos to 100.20.1.1, timeout is 2 seconds:
>>>>> U.U.U
>>>>> Success rate is 0 percent (0/5)
>>>>> RTB#
>>>>>
>>>>>
>>>>> RTA#sh ip nat translations
>>>>>
>>>>> RTA#
>>>>>
>>>>> Any help will be greatly appreciated.
>>>>>
>>>>> Regards,
>>>>> H.
>>>>>
>>>>> http://careers.yahoo.com.au - Yahoo! Careers
>>>>> - 1,000's of jobs waiting online for you!
>>>
>>> http://careers.yahoo.com.au - Yahoo! Careers
>>> - 1,000's of jobs waiting online for you!
>>>
>
> http://careers.yahoo.com.au - Yahoo! Careers
> - 1,000's of jobs waiting online for you!
This archive was generated by hypermail 2.1.4 : Tue Dec 03 2002 - 07:22:55 GMT-3