08-10-2011 01:20 AM - edited 03-04-2019 01:14 PM
Hello
we are using ASR 1002 with inter-chassis redundanz.
In general the replication of nat sessions is working, now we want to change the whole thing to pat.
Now we are observe an issue if the device is configured to use pat
NAT1#show ip nat transla
Pro Inside global Inside local Outside local Outside global
tcp a.x.144.0:1024 192.168.252.2:51629 100.100.100.100:22 100.100.100.100:22
tcp a.x.144.0:1025 192.168.252.2:37761 100.100.100.100:22 100.100.100.100:22
tcp a.x.144.0:1026 192.168.252.2:37309 100.100.100.100:80 100.100.100.100:80
tcp a.x.144.0:1027 192.168.252.2:51628 100.100.100.100:22 100.100.100.100:22
Total number of translations: 4
NAT2#show ip nat transla
Pro Inside global Inside local Outside local Outside global
tcp a.x.144.0:1024 192.168.252.2:51629 100.100.100.100:22 100.100.100.100:22
tcp a.x.144.0:1025 192.168.252.2:37761 100.100.100.100:22 100.100.100.100:22
tcp a.x.144.0:1027 192.168.252.2:51628 100.100.100.100:22 100.100.100.100:22
Total number of translations: 3
The ssh session is replicated between the two asr devices but the www is not.
My Question now, is it a feature or a bug? Inside the documentation i did not find a hint for that issue.
Whole config:
ip nat pool officialips_pat a.x.144.0 a.x.144.3 netmask 255.255.255.252
ip nat inside source list natedhost_pat pool officialips_pat redundancy 1 mapping-id 100 overload
ip access-list extended natedhost_pat
remark allow_all_pat_applications-networks
permit ip 192.168.0.0 0.0.255.255 any
remark deny_anything_else
deny ip any any log
redundancy
mode none
application redundancy
group 1
name GROUP_1
preempt
priority 100 failover threshold 60
timers delay 60 reload 300
control Port-channel20 protocol 1
data Port-channel10
track 10 decrement 200
track 20 decrement 200
protocol 1
authentication md5 key-string xxx
interface Port-channel1.1099
encapsulation dot1Q 1099
ip address 10.64.21.99 255.255.255.240
no ip redirects
no ip proxy-arp
ip nat inside
ip virtual-reassembly
redundancy rii 1099
redundancy group 1 ip 10.64.21.97 exclusive decrement 200
!
interface Port-channel1.1100
encapsulation dot1Q 1100
ip address 10.64.21.115 255.255.255.240
no ip redirects
no ip proxy-arp
ip nat outside
ip virtual-reassembly
redundancy rii 1100
redundancy group 1 ip 10.64.21.113 exclusive decrement 200
!
08-10-2011 01:25 AM
asr 1002
ios: adventerprisek9.03.02.01.s151-1.s1
08-17-2011 12:57 AM
I asked to a guy from Cisco
Port 80 is not synchronized between the devices
10-11-2014 05:42 AM
Hello eddschulz
I am having 2 ASR 1002 routers. Now i want interchassis hardware redundancy between them.
1) Can you please tell me what are the prerequisites for configuring interchassis hardware redundancy?
2) As you have already this setup of two ASR connected with each other having interchassis hardware redundancy. Is it working fine? Have you faced any problem in interchassis hardware redundancy?
3) Which licence is required for interchassis hardware redundancy?
Regards,
Mukesh Kumar
Network Engineer
Spooster IT Services
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide