From: Tarun Pahuja (pahujat@gmail.com)
Date: Tue Nov 06 2007 - 15:38:43 ART
Gregory,
Hopefully Narbik's Lawyer would not be calling me since I am
jumping ahead of him to help you. I am sure he will have much more insight
in this matter than me ;-)
To answer your question, SNAT(Stateful Nat) can be configured in
Primary/Backup Mode and HSRP mode. In Primary/Backup mode, you have to
manually configure who the primary router is and who the secondary router is
and hence you do not need the word redundancy.
When you configure SNAT in HSRP mode, SNAT follows what HSRP tells it to
hence you use the word redundancy to tie the two together.
HTH,
Tarun
On 11/6/07, Gregory Gombas <ggombas@gmail.com> wrote:
>
> I'm not sure I follow?
>
> Let me restate the question and I hope Narbik himself can chime in here.
> There seem to be three different ways to configure NAT redundancy:
>
> Scenario 1 - Static NAT with HSRP:
> Step 1. Configure HSRP groups named HSRP-1
> Step 2. Tie the group name to the static command as follows:
> Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
>
> Scenario 2 - Stateful NAT with HSRP:
> Step 1. Configure HSRP groups named HSRP-1
> Step 2. Tie the group name to the stateful NAT configuration as follows:
> Router 2:
> ip nat Stateful id 1
> redundancy HSRP-1
> mapping-id 10
> Router 3:
> ip nat Stateful id 2
> redundancy HSRP-1
> mapping-id 10
>
> Scenario 3 - Stateful NAT without HSRP (Primary/Backup):
> PRIMARY:
> ip nat Stateful id 1
> primary 10.88.194.17
> peer 10.88.194.18
> mapping-id 10
> BACKUP
> ip nat Stateful id 2
> backup 10.88.194.18
> peer 10.88.194.17
> mapping-id 10
>
> My questions is what is the first scenario for? What is the
> significance of the redundacy keyword? How does it tie in with the
> HSRP config?
> How does that differ from configuring the two routers with static NAT
> and no redundancy keyword????
>
>
> On 11/6/07, Victor Cappuccio <vcappuccio@gmail.com> wrote:
> > Hi Gregory,
> > I had in CANTV this same issue, checking my old emails I found that
> > probably this link could help a lot
> >
> http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_white_paper0900aecd8052870b.shtml
> > Also:
> > http://www.iphelp.ru/faq/29/cisconut2-CHP-13-SECT-3.html
> >
> http://www.cisco.com/en/US/docs/ios/12_3/ipaddr/command/reference/ip1_i2g.html#wp1079180
> >
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t4/ftnthsrp.htm
> >
> > Also be aware that CPU Process utilization and memory is critical in
> this
> > situation, using the using the following TCL Script to capture the
> number
> > of translations and using the show ip nat statistics to determine the
> > number of dynamic entries created in the NAT tables such as in: Active
> as to
> > Standby
> >
> > proc SNAT { DURANTE interval } {
> > set end [expr [clock seconds] + $DURANTE]
> > set cur [clock seconds]
> > set interval "${INTEVALO}000"
> > while { $cur < $end } {
> > show clock
> > show IP NAT sta | inc To
> > show proc cpu | exc 0.00
> > show memory statistics
> > puts "\n"
> > after $TIEMPO
> > set cur [clock seconds]
> > }
> > }
> >
> > My 2 cents
> >
> > Victor Cappuccio
> > www.vcappuccio.wordpress.com
> >
> >
> > On Nov 6, 2007 3:51 PM, Gregory Gombas <ggombas@gmail.com> wrote:
> > >
> > > Can someone please explain what the redundancy keyword at the end of a
> > > static nat statement does? For example:
> > >
> > > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> > >
> > > We tried the configuration from Narkbik's NAT lab excercise #9, and we
> > > found that failover worked the same with or without the redundancy
> > > keyword:
> > >
> > > Ip nat inside source static 10.1.123.1 192.1.1.1
> > >
> > > Here is the relevant configuration:
> > >
> > > On R2
> > > interface FastEthernet0/0
> > > Standby 1 ip 10.1.123.100
> > > Standby 1 priority 110
> > > Standby 1 preempt
> > > Standby 1 name HSRP-1
> > > Standby 1 track FastEthernet0/1 50
> > > ip nat inside
> > >
> > > interface FastEthernet0/1
> > > Standby 2 ip 200.1.1.100
> > > Standby 2 priority 110
> > > Standby 2 preempt
> > > Standby 2 track FastEthernet0/0 50
> > > ip nat outside
> > >
> > > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> > >
> > >
> > > On R3
> > > Interface FastEthernet0/0
> > > Standby 1 ip 10.1.123.100
> > > Standby 1 preempt
> > > Standby 1 name HSRP-1
> > > ip nat inside
> > >
> > > Interface FastEthernet0/1
> > > Standby 2 ip 200.1.1.100
> > > Standby 2 priority 100
> > > Standby 2 preempt
> > > ip nat outside
> > >
> > > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> > >
> > >
> > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> >
> >
> >
> > --
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:28 ART