Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1192
Views
14
Helpful
4
Replies

Multiple NAT statements processing

subramaniyakarthic
Level 1
Level 1

‎03-21-2011 08:26 AM - edited ‎03-04-2019 11:49 AM

Hi all,

I tried to simulated NAT loadbalancing with Multiple ISPs.I configured it as per the doc.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080950834.shtml

I ve got few queries regarding this.

1)ip nat inside source route-map MAP1 interface FastEthernet0/1 overload

   ip nat inside source route-map MAP2 interface FastEthernet1/0 overload

I configured two NAT statements one per ISP. how will this statement affect the processing.

How does the router choose the "ip nat inside source" statement. My question is if we have multiple "ip nat" statements

how will they be processed.

1 person had this problem
Labels:
0 Helpful
4 Replies 4

Sebastian Fernandez
Level 1
Level 1

‎03-21-2011 12:57 PM

Selection of NAT statements occurs only after the routing decision. Hence when a packet arrives on the NAT inside interfaces, it checks the destination and selects the egress interface and depending upon the egress interface it selects the NAT translation entry.

Since you are using dual ISP with overload on both exit points. Depending upon which exit is selected based on routing pattern, its configured NAT statement will be processed. Hence it is needed to make sure that your route-map also matches the exit interfaces as below

route-map MAP1

match access-group <>

match interface fa0/1

Check the nat order of operation.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

Please rate this post if you find it helpful.

Rgds,

Sebastian Fernandez

skarthic
Cisco Employee
Cisco Employee
In response to Sebastian Fernandez

‎03-21-2011 03:26 PM

So after routing decision, which decides the exit interface the NAT statement is selected.In the case where I have mentioned the interfaces are

overloaded and hence the appropriate interface gets selected


What happens when there is pool. How is the NAT statement selected? Does NAT check for the pool with the same subnet as the exit interface?

Thanks.

0 Helpful

Sebastian Fernandez
Level 1
Level 1
In response to skarthic

‎03-22-2011 08:04 AM

Incase you are NATting over multiple pools and no route-map (match interface) specified, it translates on the first statement in configuration. Hence it is a recommended design to use match interface when configuring NAT for different ISPs. Moreover in most ISP design, incoming traffic sourced from different ISP address space is not allowed and also leads in black holing and asymetric routing from ISP.

Rgds,

Sebastian Fernandez

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card