From: Gianpietro Lavado (gianpietro1@gmail.com)
Date: Sun May 28 2006 - 15:15:39 ART
Hi Dave,
I don't know the exact meaning of the mapping-id but I know it can be the
same on both routers and I think it specifies locally to the router which
entries are to be passed to the stateful peers (in your case these would be
the entries generated by the line "ip nat inside source route-map RT pool
POOL" as it belongs to the mapping-id 1).
I think there's an error in your configuration because both of your routers
are using the same "ip nat stateful id" number, try changing one of them to
another value (2 for example), because this ID has to be unique in the
stateful group. Note that the output from 'show ip nat distributed' is
showing "Peer NAT id 0".
HTH
Gianpietro
On 5/27/06, Schulz, Dave <DSchulz@dpsciences.com> wrote:
>
> Group -
>
> I am having an issue with running a stateful NAT configuration. The doc
> CD is not very clear on a number of issue. Can anyone tell me the
> meaning of the "mapping-id" as it relates to stateful NAT? In this
> configuration, I can get the connection working through the routers,
> however, it appears that the port has changed once it makes the
> failover, and I cannot see the translation under the "show ip snat
> distributed". Therefore, I come believe that the stateful nat is not
> doing what it should and I am only getting standard nat translation.....
> here is the config on R2 and R3 set up as an HSRP pair.....
>
> R2.....(primary).....
>
> !
> interface FastEthernet0/0
> ip address 10.1.1.2 255.255.255.0
> ip nat inside
> duplex auto
> speed auto
> standby 1 ip 10.1.1.10
> standby 1 priority 105
> standby 1 preempt
> standby 1 name JUNK
> !
> interface Serial0/0
> ip address 192.168.1.2 255.255.255.0
> ip nat outside
> encapsulation frame-relay
> frame-relay map ip 192.168.1.1 201 broadcast
> frame-relay map ip 192.168.1.2 201
> frame-relay map ip 192.168.1.3 201
> no frame-relay inverse-arp
> !
> router ospf 1
> log-adjacency-changes
> network 2.2.2.2 0.0.0.0 area 2
> network 10.0.0.0 0.255.255.255 area 0
> !
> router bgp 300
> no synchronization
> bgp log-neighbor-changes
> neighbor 3.3.3.3 remote-as 300
> neighbor 3.3.3.3 update-source Loopback0
> neighbor 192.168.1.1 remote-as 100
> neighbor 192.168.1.1 local-as 200
> no auto-summary
> !
> ip nat Stateful id 1
> redundancy JUNK
> mapping-id 1
> ip nat pool POOL 10.1.1.20 10.1.1.30 prefix-length 24
> ip nat inside source route-map RT pool POOL mapping-id 1
> ip nat inside destination list 1 pool POOL
> !
> !
> access-list 1 permit any
> !
> route-map RT permit 10
> match ip address 1
> !
> !
>
> R3 ..... failover.....
>
> !
> interface Loopback0
> ip address 3.3.3.3 255.255.255.0
> !
> interface Ethernet0
> ip address 10.1.1.3 255.255.255.0
> ip nat inside
> standby 1 ip 10.1.1.10
> standby 1 preempt
> standby 1 name JUNK
> !
> interface Serial0
> ip address 192.168.1.3 255.255.255.0
> ip nat outside
> encapsulation frame-relay
> frame-relay map ip 192.168.1.1 301 broadcast
> frame-relay map ip 192.168.1.2 301
> frame-relay map ip 192.168.1.3 301
> no frame-relay inverse-arp
> !
> router ospf 1
> log-adjacency-changes
> network 3.3.3.3 0.0.0.0 area 3
> network 10.0.0.0 0.255.255.255 area 0
> !
> router bgp 300
> no synchronization
> bgp log-neighbor-changes
> neighbor 2.2.2.2 remote-as 300
> neighbor 192.168.1.1 remote-as 100
> neighbor 192.168.1.1 local-as 200
> no auto-summary
> !
> ip nat Stateful id 1
> redundancy JUNK
> mapping-id 1
> ip nat pool POOL 10.1.1.20 10.1.1.30 prefix-length 24
> ip nat inside source route-map RT pool POOL mapping-id 1
> !
> !
> access-list 1 permit any
> !
> route-map RT permit 10
> match ip address 1
> !
> !
> R2#sh ip snat distributed
>
> Stateful NAT Connected Peers
>
> SNAT: Mode IP-REDUNDANCY :: ACTIVE
> : State READY
> : Local Address 10.1.1.2
> : Local NAT id 1
> : Peer Address 10.1.1.3
> : Peer NAT id 0
> : Mapping List 1
>
>
> Dave Schulz
> Email: dschulz@dpsciences.com <mailto:dschulz@dpsciences.com >
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:22 ART