From: Richard Gallagher (rgallagh@cisco.com)
Date: Wed Mar 23 2005 - 22:00:58 GMT-3
Hi Arif,
I you use HSRP then there is no need to define the primary/backup peers
and HSRP takes care of this by itself.
Here are the configs from one of my setups, see if you can make sense of
them:
R1:
track 2 ip route 10.0.1.0 255.255.255.0 reachability
!
interface Ethernet0/0
ip address 10.0.0.3 255.255.255.0
ip nat inside
ip virtual-reassembly
standby 1 ip 10.0.0.1
standby 1 preempt delay minimum 3 sync 5
standby 1 name snathsrp_1
standby 1 track Ethernet1/0
standby 1 track 2
!
interface Ethernet1/0
ip address 10.0.1.3 255.255.255.0
ip nat outside
ip virtual-reassembly
no keepalive
!
ip nat Stateful id 1
redundancy snathsrp_1
mapping-id 1
ip nat pool test 10.0.1.6 10.0.1.6 netmask 255.255.255.0
ip nat inside source list 101 pool test mapping-id 1 overload
!
access-list 101 permit ip any any
R2:
track 2 ip route 10.0.2.0 255.255.255.0 reachability
!
interface Ethernet0/0
ip address 10.0.0.4 255.255.255.0
ip nat inside
ip virtual-reassembly
standby 1 ip 10.0.0.1
standby 1 priority 95
standby 1 name snathsrp_1
standby 1 track Ethernet1/0
standby 1 track 2
!
interface Ethernet1/0
ip address 10.0.1.4 255.255.255.0
ip nat outside
ip virtual-reassembly
no keepalive
!
ip nat Stateful id 2
redundancy snathsrp_1
mapping-id 1
ip nat pool test 10.0.1.6 10.0.1.6 netmask 255.255.255.0
ip nat inside source list 101 pool test2 mapping-id 1 overload
!
access-list 101 permit ip any any
HTH
* Rich Gallagher - Cisco Systems TAC
* CCIE #7211 - R&S, C&S
* APT Infrastructure Team
* Email: rgallagh@cisco.com
* Tel: +61 (0)2 8446 7829
Arif Rahman wrote:
> Hi
> thank you for reply. I have visited that site also. I did not
> understand complete example. For example 10.88.194.17 and 10.88.194.18
> is physical interface address or HSRP address is not clear. Under "ip
> nat Stateful id 2" below both address is 10.88.194.17. That does not
> make sense. Do have any idea?
>
> Configuration Examples for SNAT
>
> This section provides the following configuration example:
>
> _Configuring SNAT with HSRP_
>
> _Configuring SNAT Primary/Backup_
>
> *Configuring SNAT with HSRP
> *!
> ip nat Stateful id 1
> redundancy SNATHSRP
> mapping-id 10
> ip nat pool SNATPOOL1 11.1.1.1 11.1.1.9 prefix-length 24
> ip nat inside source route-map rm-101 pool SNATPOOL1 mapping-id 10
> overload
> ip classless
> ip route 11.1.1.0 255.255.255.0 Null0
> no ip http server
> ip pim bidir-enable
>
> *Configuring SNAT Primary/Backup
> *!
> ip nat Stateful id 1
> primary 10.88.194.17
> peer 10.88.194.18
> mapping-id 10
> !
> ip nat Stateful id 2
> backup 10.88.194.17
> peer 10.88.194.17
> mapping-id 10
>
>
> thank you - Arif
>
> At 11:29 AM 3/24/2005 +1100, Richard Gallagher wrote:
>
>> How about this:
>>
>> http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ftsnat.htm
>>
>> * Rich Gallagher
>> * CCIE #7211 - R&S, C&S
>>
>>
>> Arif Rahman wrote:
>>
>>> Hello group
>>> anyone can point me some links that describe NAT redundancy with
>>> examples. I have following but looks like I can do same job without
>>> "redundancy <HSRP_name>" at the end of "ip nat source....." command.
>>>
>>> http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080087c4c.html
>>>
>>>
>>> Thank you
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:51 GMT-3