Re: reposting:HSRP with NAT

From: phase90 (phase90@comcast.net)
Date: Sat Feb 14 2004 - 11:58:35 GMT-3

Hello,

        #1.) Unless this is a partial config, I believe you need the global
command "bridge irb"

to use BVI interfaces.

       #2.) I always thought Loopbacks were used for NAT address tricks /
workarounds. While I am

far from an expert on this, I would recommend labing this same config using
loopbacks where they

use BVIs and see if the desired routing behavior is achieved. Good luck.

Jerry
----- Original Message -----
From: "Winston V. Shaw" <wvshaw@bellsouth.net>
To: "Annu Roopa" <annu_roopa@yahoo.com>; "ccie group"
<ccielab@groupstudy.com>
Sent: Thursday, February 12, 2004 9:13 PM
Subject: Re: reposting:HSRP with NAT

> Hello Annu,
>
> 1. Does anyone know why BVI interface has been used to solve this ?
> Cant it be done with normal interafces ?
>
> I don't think that the BVI interfaces are critical here, it just happens
that these routers are doing bridging and routing using IRB. It should be
doable wirh normal interfaces.
>
> 2. why has the IP address 192.168.5.33 been static Natted when the HSRP
> ip address is 192.168.5.30. Getting confused..i would imagine the HSRP
> address would be natted.
>
> The actual host being natted to 3.3.3.5 is at IP address 192.168.5.33 on
the inside. It's global address to the ouside world is 3.3.3.5. Its default
gateway will be the HSRP address 192.168.5.30.
>
> 3. Is the redundancy command needed with static NAT cmd (looks it for mere
readbility)and what does it achive really
>
> Here the redundancy keyword is not for readability. It allows the host at
192.168.5.33 to arp request for the true MAC address of an HSRP router. This
accomplishes lighning fast failover to the standby if necessary. Remember
"under normal HSRP" hosts are usually given the Virtual MAC address of the
HSRP group and it not recommended for them to know the true MAC address of
an HSRP router.
>
> ip nat inside source static 192.168.5.33 3.3.3.5 redundancy HSRP1
>
> This command allows the HSRP router to give its actual BIA MAC address.
Now the host can be known by the same external address on both routers and
can communicate regardless of which HSRP router is active.
>
> WVShaw
> CCIE#7991
>
>
>
> >
> > From: Annu Roopa <annu_roopa@yahoo.com>
> > Date: 2004/02/11 Wed PM 12:20:58 EST
> > To: ccie group <ccielab@groupstudy.com>
> > Subject: reposting:HSRP with NAT
> >
> > Group,
> >
> I am surprised so many good CCIE's on this group are unable to help me
with this simple one. I have 3 questions and hopefully someone can help me
understand this. This is with rgds to HSRP and NAT on inside interface taken
from CCO doc CD. I have included the URL and the actual configs. Could not
find much in Gstudy archives either.3 Questions are -
>
> 1. Does anyone know why BVI interface has been used to solve this ?
> Cant it be done with normal interafces ?
> 2. why has the IP address 192.168.5.33 been static Natted when the HSRP
> ip address is 192.168.5.30. Getting confused..i would imagine the HSRP
> address would be natted.
>
> 3. Is the redundancy command needed with static NAT cmd (looks it for mere
readbility)and what does it achive really
>
>
>
>
> >
> > 2. why has the IP address 192.168.5.33 been static Natted when the HSRP
> > ip address is 192.168.5.30. Getting confused..i would imagine the HSRP
> > address would be natted.
> >
> > 3. Is the redundancy command needed with static NAT cmd (looks it for
mere readbility)and what does it achive really.
> >
> > ------------------------
> > Active Router Configuration
> >
> > interface BVI10
> > ip address 192.168.5.54 255.255.255.255.0
> > no ip redirects
> > ip nat inside
> > standby 10 priority 105 preempt
> > standby 10 name HSRP1
> > standby 10 ip 192.168.5.30
> > standby 10 track Ethernet2/1
> > !
> > !
> > ip default-gateway 10.0.18.126
> > ip nat inside source static 192.168.5.33 3.3.3.5 redundancy HSRP1
> > ip classless
> > ip route 11.11.11.0 255.255.255.0 Ethernet2/1
> > ip route 172.22.33.0 255.255.255.0 Ethernet2/1
> > no ip http server
> >
> > -----------------------------------
> >
> > Standby Router Configuration
> >
> > interface BVI10
> > ip address 192.168.5.56 255.255.255.255.0
> > no ip redirects
> > ip nat inside
> > standby 10 priority 100 preempt
> > standby 10 name HSRP1
> > standby 10 ip 192.168.5.30
> > standby 10 track Ethernet3/1
> > !
> > ip default-gateway 10.0.18.126
> > ip nat inside source static 192.168.5.33 3.3.3.5 redundancy HSRP1
> > ip classless
> > ip route 10.0.32.231 255.255.255 Ethernet3/1
> > ip route 11.11.11.0 255.255.255.0 Ethernet3/1
> >
> > URL:
> >
> >
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122
t/122t4/ftnthsrp.htm
> >
> >
> > Thanks in advance for the answers.
> >
> > Annu.
> >
> >
> >
> > Thanks in advance for ur time and replies.
> > Annu.
> >
> > ---------------------------------
> > Do you Yahoo!?
> > Yahoo! Finance: Get your refund fast by filing online
> >
> > _______________________________________________________________________
> > Please help support GroupStudy by purchasing your study materials from:
> > http://shop.groupstudy.com
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:49 GMT-3