cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Stateful Network address translation

390
Views
0
Helpful
0
Comments

Let's take today about the stateful Nat [ SNAT]

-This is Feature give us translation more than one network address which mean Back up nat to the active failure. 

- Nat is great feature help us to permit the interconnection of private network to reach the Public network.

- SNAT work as active and back up scenario the active handle the traffic require translation ip address from Private to public.

- Back up SNAT is working as duplication all the translation which in the active table and once the active translator is down the back up will handle the translation and will replay to all requests. 

- There is Two phases of the SNAT , phase one was  not supported for the application level, 

Phase two is provide the application level and asymmetric routing [ Encryption method use two Keys to encrypt the plain text secret key is change over the internet] recommend to read one fully article about the asymmetric & symmetric.

-The mapping-id must be the same between them

-Redundancy string must match the standby name.  
Example for the SNAT configuration : 

--------------------------------

Interface Gig 0/0/0

Description SNAT

Standby 10 name SNAT-DC

standby 10 ip address 10.100.101.254

ip nat inside 

----- 

interface Gig 0/0/1

Ip nat outside 

----

IP nat stateful id 10

redundancy SNAT-DC

Mapping-id 90

----------------------------

access-list nat 

10 permit 10.100.101.0 0.0.0.255 

Ip nat pool SNAT-POOL 37.0.0.100 37.0.0.100 prefix-length 24 

Ip nat inside source list nat pool  SNAT-POOL mapping-id 90 overload 

---------

router bgp 6508

bgp router-id 10.10.10.10

no bgp default  ipv4-unicast

neighbor 38.0.0.100 remote-as 6509

address-family ipv4

network 37.0.0.100 mask 255.255.255.0

exit

------------

some of commands help for T-shoot 

Show ip snat peer 

show ip snat distributeed  

show ip snat distributed verbose 

show standby

 

CreatePlease to create content
Content for Community-Ad