From: Gregory Gombas (ggombas@gmail.com)
Date: Tue Nov 06 2007 - 17:40:38 ART
Thanks Tarun - thats what we observed.
So is the "redundacy" option on the static command just one of those
useless options?
On 11/6/07, Tarun Pahuja <pahujat@gmail.com> wrote:
> Gregory,
> Static Nat with HSRP. Here HSRP router pairs have identical NAT
> configurations for redundancy. No dynamic entries are replicated amongst
> routers in the same HSRP redundancy group.
>
> HTH,
> Tarun
>
>
> On 11/6/07, Gregory Gombas <ggombas@gmail.com> wrote:
> > Thanks. That covers scenario 2 and 3, how about scenario 1?
> >
> > On 11/6/07, Tarun Pahuja < pahujat@gmail.com> wrote:
> > > Gregory,
> > > Hopefully Narbik's Lawyer would not be calling me since I
> am
> > > jumping ahead of him to help you. I am sure he will have much more
> insight
> > > in this matter than me ;-)
> > >
> > > To answer your question, SNAT(Stateful Nat) can be configured in
> > > Primary/Backup Mode and HSRP mode. In Primary/Backup mode, you have to
> > > manually configure who the primary router is and who the secondary
> router is
> > > and hence you do not need the word redundancy.
> > >
> > > When you configure SNAT in HSRP mode, SNAT follows what HSRP tells it to
> > > hence you use the word redundancy to tie the two together.
> > >
> > > HTH,
> > > Tarun
> > >
> > >
> > >
> > >
> > >
> > > On 11/6/07, Gregory Gombas <ggombas@gmail.com> wrote:
> > > >
> > > > I'm not sure I follow?
> > > >
> > > > Let me restate the question and I hope Narbik himself can chime in
> here.
> > > > There seem to be three different ways to configure NAT redundancy:
> > > >
> > > > Scenario 1 - Static NAT with HSRP:
> > > > Step 1. Configure HSRP groups named HSRP-1
> > > > Step 2. Tie the group name to the static command as follows:
> > > > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> > > >
> > > > Scenario 2 - Stateful NAT with HSRP:
> > > > Step 1. Configure HSRP groups named HSRP-1
> > > > Step 2. Tie the group name to the stateful NAT configuration as
> follows:
> > > > Router 2:
> > > > ip nat Stateful id 1
> > > > redundancy HSRP-1
> > > > mapping-id 10
> > > > Router 3:
> > > > ip nat Stateful id 2
> > > > redundancy HSRP-1
> > > > mapping-id 10
> > > >
> > > > Scenario 3 - Stateful NAT without HSRP (Primary/Backup):
> > > > PRIMARY:
> > > > ip nat Stateful id 1
> > > > primary 10.88.194.17
> > > > peer 10.88.194.18
> > > > mapping-id 10
> > > > BACKUP
> > > > ip nat Stateful id 2
> > > > backup 10.88.194.18
> > > > peer 10.88.194.17
> > > > mapping-id 10
> > > >
> > > > My questions is what is the first scenario for? What is the
> > > > significance of the redundacy keyword? How does it tie in with the
> > > > HSRP config?
> > > > How does that differ from configuring the two routers with static NAT
> > > > and no redundancy keyword????
> > > >
> > > >
> > > > On 11/6/07, Victor Cappuccio < vcappuccio@gmail.com> wrote:
> > > > > Hi Gregory,
> > > > > I had in CANTV this same issue, checking my old emails I found that
> > > > > probably this link could help a lot
> > > > >
> > >
> http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_white_paper0900aecd8052870b.shtml
> > > > > Also:
> > > > >
> > >
> http://www.iphelp.ru/faq/29/cisconut2-CHP-13-SECT-3.html
> > > > >
> > >
> http://www.cisco.com/en/US/docs/ios/12_3/ipaddr/command/reference/ip1_i2g.html#wp1079180
> > > > >
> > >
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t4/ftnthsrp.htm
> > > > >
> > > > > Also be aware that CPU Process utilization and memory is critical in
> > > this
> > > > > situation, using the using the following TCL Script to capture the
> > > number
> > > > > of translations and using the show ip nat statistics to determine
> the
> > > > > number of dynamic entries created in the NAT tables such as in:
> Active
> > > as to
> > > > > Standby
> > > > >
> > > > > proc SNAT { DURANTE interval } {
> > > > > set end [expr [clock seconds] + $DURANTE]
> > > > > set cur [clock seconds]
> > > > > set interval "${INTEVALO}000"
> > > > > while { $cur < $end } {
> > > > > show clock
> > > > > show IP NAT sta | inc To
> > > > > show proc cpu | exc 0.00
> > > > > show memory statistics
> > > > > puts "\n"
> > > > > after $TIEMPO
> > > > > set cur [clock seconds]
> > > > > }
> > > > > }
> > > > >
> > > > > My 2 cents
> > > > >
> > > > > Victor Cappuccio
> > > > > www.vcappuccio.wordpress.com
> > > > >
> > > > >
> > > > > On Nov 6, 2007 3:51 PM, Gregory Gombas <ggombas@gmail.com > wrote:
> > > > > >
> > > > > > Can someone please explain what the redundancy keyword at the end
> of a
> > > > > > static nat statement does? For example:
> > > > > >
> > > > > > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> > > > > >
> > > > > > We tried the configuration from Narkbik's NAT lab excercise #9,
> and we
> > > > > > found that failover worked the same with or without the redundancy
> > > > > > keyword:
> > > > > >
> > > > > > Ip nat inside source static 10.1.123.1 192.1.1.1
> > > > > >
> > > > > > Here is the relevant configuration:
> > > > > >
> > > > > > On R2
> > > > > > interface FastEthernet0/0
> > > > > > Standby 1 ip 10.1.123.100
> > > > > > Standby 1 priority 110
> > > > > > Standby 1 preempt
> > > > > > Standby 1 name HSRP-1
> > > > > > Standby 1 track FastEthernet0/1 50
> > > > > > ip nat inside
> > > > > >
> > > > > > interface FastEthernet0/1
> > > > > > Standby 2 ip 200.1.1.100
> > > > > > Standby 2 priority 110
> > > > > > Standby 2 preempt
> > > > > > Standby 2 track FastEthernet0/0 50
> > > > > > ip nat outside
> > > > > >
> > > > > > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> > > > > >
> > > > > >
> > > > > > On R3
> > > > > > Interface FastEthernet0/0
> > > > > > Standby 1 ip 10.1.123.100
> > > > > > Standby 1 preempt
> > > > > > Standby 1 name HSRP-1
> > > > > > ip nat inside
> > > > > >
> > > > > > Interface FastEthernet0/1
> > > > > > Standby 2 ip 200.1.1.100
> > > > > > Standby 2 priority 100
> > > > > > Standby 2 preempt
> > > > > > ip nat outside
> > > > > >
> > > > > > Ip nat inside source static 10.1.123.1 192.1.1.1 redundancy HSRP-1
> > > > > >
> > > > > >
> > > > >
> > >
> _______________________________________________________________________
> > > > > > Subscription information may be found at:
> > > > > > http://www.groupstudy.com/list/CCIELab.html
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > >
> > > >
> > >
> _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:28 ART