From: Radoslav Vasilev (deckland@gmail.com)
Date: Fri Oct 20 2006 - 14:27:55 ART
Hi Group,
I have configured SNAT on an HSRP-enabled sedment and i have
connecitivity from the private IP addressed local host to an external
segment.
checking on one of the hsrp routers:
Rack1R5#sh standby fa0/0
FastEthernet0/0 - Group 1
State is Active
5 state changes, last state change 00:04:53
Virtual IP address is 192.168.1.100
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.416 secs
Preemption disabled
Active router is local
Standby router is 192.168.1.6, priority 100 (expires in 8.400 sec)
Priority 200 (configured 200)
IP redundancy name is "snat" (cfgd)
We're the active router on the segment. Therefore we do the nat (the
same interface is nat inside interface):
Rack1R5#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 10.0.0.1 192.168.1.3 --- ---
Now, I want to make sure that if something happens with the local
router, the hsrp standby router will take over (not an issue
obviously) and what's more - the existing nat entries will be used on
the remote router. Checking on the standby hsrp router:
Rack1R6#sh ip nat translations
Rack1R6#sh ip snat distributed verbose
Stateful NAT Connected Peers
SNAT: Mode IP-REDUNDANCY :: STANDBY
: State READY
: Local Address 192.168.1.6
: Local NAT id 1
: Peer Address 192.168.1.5
: Peer NAT id 0
: Mapping List 10
: InMsgs 0, OutMsgs 5, tcb 0x474FD9C8, listener 0x4756EA4C
My question is: how can be checked that the nat translation entries on
the active nat/hsrp router are propagated to the standy one?
It seems that ``debug ip snat detail`` only shows the inter-router
communication without any nat entries shown.
Thanks,
Rado
This archive was generated by hypermail 2.1.4 : Wed Nov 01 2006 - 07:29:06 ART