From: Edouard Zorrilla (ezorrilla@tsf.com.pe)
Date: Tue Mar 03 2009 - 12:23:28 ARST
Let see, things inside the field:
Working witht he topology:
R3 (ISP2)
/
/
R5
\
\
R4 (ISP1)
R5 is a Multi-Homed site and two ISP's give you 2 different address :
200.200.200.0/24 and 100.100.100.0/24 (Inside Global) and we need to map a
server, which is inside R5(Fa0/0), over this two ISP's since we would like
to get, let say redundancy. So If we try to map a server w/o extendable
option, we get:
Rack1R5(config)#ip nat inside source static 132.1.115.11 200.200.200.200
Rack1R5(config)#ip nat inside source static 132.1.115.11 100.100.100.100
% 132.1.115.11 already mapped (132.1.115.11 -> 200.200.200.200)
Rack1R5(config)#
So lets do things work adding extendable option there:
Rack1R5(config)#no ip nat inside source static 132.1.115.11 200.200.200.200
Rack1R5(config)#$de source static 132.1.115.11 200.200.200.200 extendable
Rack1R5(config)#$de source static 132.1.115.11 100.100.100.100 extendable
Rack1R5(config)#
Rack1R5(config)#do sh run | in ip nat
ip nat inside
ip nat outside
ip nat outside
ip nat inside source static 132.1.115.11 100.100.100.100 extendable
ip nat inside source static 132.1.115.11 200.200.200.200 extendable
Rack1R5(config)#
Then the part the can not be omited, the testing one:
Rack1R3#ping 200.200.200.200 repeat 2 source loopback 0
Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 200.200.200.200, timeout is 2 seconds:
Packet sent with a source address of 150.1.3.3
!!
Success rate is 100 percent (2/2), round-trip min/avg/max = 4/4/4 ms
Rack1R3#
and
Rack1R4#ping 100.100.100.100 repeat 2 source loopback 0
Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 100.100.100.100, timeout is 2 seconds:
Packet sent with a source address of 150.1.4.4
!!
Success rate is 100 percent (2/2), round-trip min/avg/max = 4/4/4 ms
Rack1R4#
What we got in R5 is:
Rack1R5#
*Mar 3 13:25:07.609: NAT*: s=150.1.3.3, d=200.200.200.200->132.1.115.11
[30496]
*Mar 3 13:25:07.613: NAT*: s=132.1.115.11->200.200.200.200, d=150.1.3.3
[30496]
*Mar 3 13:25:07.613: NAT*: s=150.1.3.3, d=200.200.200.200->132.1.115.11
[30497]
*Mar 3 13:25:07.613: NAT*: s=132.1.115.11->200.200.200.200, d=150.1.3.3
[30497]
Rack1R5#
Rack1R5#
Rack1R5#
*Mar 3 13:25:15.021: NAT*: s=150.1.4.4, d=100.100.100.100->132.1.115.11
[42]
*Mar 3 13:25:15.021: NAT*: s=132.1.115.11->100.100.100.100, d=150.1.4.4
[42]
*Mar 3 13:25:15.025: NAT*: s=150.1.4.4, d=100.100.100.100->132.1.115.11
[43]
*Mar 3 13:25:15.025: NAT*: s=132.1.115.11->100.100.100.100, d=150.1.4.4
[43]
Rack1R5#
So it finally works,
Regards
----- Original Message -----
From: "GAURAV MADAN" <gauravmadan1177@gmail.com>
To: "Cisco certification" <ccielab@groupstudy.com>
Sent: Tuesday, March 03, 2009 8:32 AM
Subject: "extendable" keyword in NAT
> Hi
> Can someone please make me understand when to use "extendable" keyword in
> NAT statements .
>
> Ex
> ip nat inside source static tcp 1.1.1.1 23 2.2.2.2 23 extendable
>
> When to use "extendable" and when not to use
>
> Please advice
> Gaurav Madan.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Apr 06 2009 - 06:44:03 ART