From: kang lee (kanghlee@gmail.com)
Date: Tue Nov 06 2007 - 15:50:26 ART
Greg,
it establishes NAT redundancy. it is optional command as you know.
"*redundancy **group-name
*
(Optional) Establishes NAT redundancy."
On 11/6/07, Tarun Pahuja <pahujat@gmail.com> wrote:
>
> Gregory,
> Hopefully Narbik's Lawyer would not be calling me since I
> am
> jumping ahead of him to help you. I am sure he will have much more insight
> in this matter than me ;-)
>
> To answer your question, SNAT(Stateful Nat) can be configured in
> Primary/Backup Mode and HSRP mode. In Primary/Backup mode, you have to
> manually configure who the primary router is and who the secondary router
> is
> and hence you do not need the word redundancy.
>
> When you configure SNAT in HSRP mode, SNAT follows what HSRP tells it to
> hence you use the word redundancy to tie the two together.
>
> HTH,
> Tarun
>
>
>
>
>
> On 11/6/07, Gregory Gombas <ggombas@gmail.com> wrote:
> >
> > I'm not sure I follow?
> >
> > Let me restate the question and I hope Narbik himself can chime in here.
> > There seem to be three different ways to configure NAT redundancy:
> >
> > Scenario 1 - Static NAT with HSRP:
> > Step 1. Configure HSRP groups named HSRP-1
> > Step 2. Tie the group name to the static command as follows:
> > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> >
> > Scenario 2 - Stateful NAT with HSRP:
> > Step 1. Configure HSRP groups named HSRP-1
> > Step 2. Tie the group name to the stateful NAT configuration as follows:
> > Router 2:
> > ip nat Stateful id 1
> > redundancy HSRP-1
> > mapping-id 10
> > Router 3:
> > ip nat Stateful id 2
> > redundancy HSRP-1
> > mapping-id 10
> >
> > Scenario 3 - Stateful NAT without HSRP (Primary/Backup):
> > PRIMARY:
> > ip nat Stateful id 1
> > primary 10.88.194.17
> > peer 10.88.194.18
> > mapping-id 10
> > BACKUP
> > ip nat Stateful id 2
> > backup 10.88.194.18
> > peer 10.88.194.17
> > mapping-id 10
> >
> > My questions is what is the first scenario for? What is the
> > significance of the redundacy keyword? How does it tie in with the
> > HSRP config?
> > How does that differ from configuring the two routers with static NAT
> > and no redundancy keyword????
> >
> >
> > On 11/6/07, Victor Cappuccio <vcappuccio@gmail.com> wrote:
> > > Hi Gregory,
> > > I had in CANTV this same issue, checking my old emails I found that
> > > probably this link could help a lot
> > >
> >
> http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_white_paper0900aecd8052870b.shtml
> > > Also:
> > > http://www.iphelp.ru/faq/29/cisconut2-CHP-13-SECT-3.html
> > >
> >
> http://www.cisco.com/en/US/docs/ios/12_3/ipaddr/command/reference/ip1_i2g.html#wp1079180
> > >
> >
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t4/ftnthsrp.htm
> > >
> > > Also be aware that CPU Process utilization and memory is critical in
> > this
> > > situation, using the using the following TCL Script to capture the
> > number
> > > of translations and using the show ip nat statistics to determine the
> > > number of dynamic entries created in the NAT tables such as in: Active
> > as to
> > > Standby
> > >
> > > proc SNAT { DURANTE interval } {
> > > set end [expr [clock seconds] + $DURANTE]
> > > set cur [clock seconds]
> > > set interval "${INTEVALO}000"
> > > while { $cur < $end } {
> > > show clock
> > > show IP NAT sta | inc To
> > > show proc cpu | exc 0.00
> > > show memory statistics
> > > puts "\n"
> > > after $TIEMPO
> > > set cur [clock seconds]
> > > }
> > > }
> > >
> > > My 2 cents
> > >
> > > Victor Cappuccio
> > > www.vcappuccio.wordpress.com
> > >
> > >
> > > On Nov 6, 2007 3:51 PM, Gregory Gombas <ggombas@gmail.com> wrote:
> > > >
> > > > Can someone please explain what the redundancy keyword at the end of
> a
> > > > static nat statement does? For example:
> > > >
> > > > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> > > >
> > > > We tried the configuration from Narkbik's NAT lab excercise #9, and
> we
> > > > found that failover worked the same with or without the redundancy
> > > > keyword:
> > > >
> > > > Ip nat inside source static 10.1.123.1 192.1.1.1
> > > >
> > > > Here is the relevant configuration:
> > > >
> > > > On R2
> > > > interface FastEthernet0/0
> > > > Standby 1 ip 10.1.123.100
> > > > Standby 1 priority 110
> > > > Standby 1 preempt
> > > > Standby 1 name HSRP-1
> > > > Standby 1 track FastEthernet0/1 50
> > > > ip nat inside
> > > >
> > > > interface FastEthernet0/1
> > > > Standby 2 ip 200.1.1.100
> > > > Standby 2 priority 110
> > > > Standby 2 preempt
> > > > Standby 2 track FastEthernet0/0 50
> > > > ip nat outside
> > > >
> > > > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> > > >
> > > >
> > > > On R3
> > > > Interface FastEthernet0/0
> > > > Standby 1 ip 10.1.123.100
> > > > Standby 1 preempt
> > > > Standby 1 name HSRP-1
> > > > ip nat inside
> > > >
> > > > Interface FastEthernet0/1
> > > > Standby 2 ip 200.1.1.100
> > > > Standby 2 priority 100
> > > > Standby 2 preempt
> > > > ip nat outside
> > > >
> > > > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> > > >
> > > >
> > >
> _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
> > > >
> > >
> > >
> > >
> > > --
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:28 ART