
Optimized Edge Routing - NAT?

Adam Frederick
Level 3

Has anyone successfully implemented OER w/ NAT? I will have an 1841 with the 4-port EtherSwitch module that will have 3 cable modems connected and utilizing Cisco's OER to utilize all 3 links for outbound Internet traffic. However, I am concerned about NAT. The only other interface used on the 1841 will be the connection to the local LAN (inside). I'm thinking this will require a loopback, but I'm not finding anything on CCO to back me up. Is it possible to just let the CMs do NAT? 1 CM is a static IP and the 2 others are DHCP. Anyone out there with any experience on this?


a-vazquez
Level 6

Here is a document explaining OER in detail along with some example configurations. I believe this would provide you with some information.

http://www.cisco.com/en/US/netsol/ns471/networking_solutions_white_paper0900aecd80243f70.shtml

Steve Lyons
Level 1

We have a keyword "oer" that was added to the NAT configuration. This allows the active NAT translations to "stick" to their current interfaces instead of PfR moving them to another exit interface. The reason for this keyword addition was to support multiple ISP connections where you might set up overload nat'ing out outside interfaces to two or more different ISPs (1 ISP per outside interface).

For example:

              ------S0/0 ISP-A
----Fa0/0---R1
              ------S0/1 ISP-B

The scenario is you have the above topology and configured overload nat'ing for interface S0/0 and S0/1 each with a different ISP/address space.

You also have NOT configured the "oer" keyword within your NAT configuration statements.

If traffic is flowing into Fa0/0 and out S0/0 with an active NAT session (overloaded to S0/0) and PfR decides to move this traffic to interface S0/1 due to an Out of Policy event, this might black hole the traffic if ISP-B is configured to block IP networks which it does not own nor allocate IP address space to customers.

You have now configured the "oer" keyword on your NAT translations; PfR will not move this traffic until the NAT translation times out.

Best Regards,

Steve Lyons - Cisco
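
A configuration sketch for the two-ISP topology in the reply above, added here as an example and not part of Steve Lyons' post. The ACL number, the route-map names and the inside prefix are assumptions; the interface names follow the diagram.

```cisco
! Constructed example: ACL 1, route-maps ISP-A/ISP-B and 192.168.1.0/24 are assumed values.
interface FastEthernet0/0
 ip nat inside
!
interface Serial0/0
 ip nat outside
!
interface Serial0/1
 ip nat outside
!
! Inside hosts eligible for translation.
access-list 1 permit 192.168.1.0 0.0.0.255
!
! One route-map per exit, so each flow is overloaded to the
! address of the interface it actually leaves through.
route-map ISP-A permit 10
 match ip address 1
 match interface Serial0/0
!
route-map ISP-B permit 10
 match ip address 1
 match interface Serial0/1
!
! Without the keyword: PfR may move a flow that already has a
! translation on S0/0 over to S0/1, so it reaches ISP-B with an
! ISP-A source address and can be dropped there.
! ip nat inside source route-map ISP-A interface Serial0/0 overload
! ip nat inside source route-map ISP-B interface Serial0/1 overload
!
! With the keyword: an active translation stays on its current
! exit interface until the NAT entry times out.
ip nat inside source route-map ISP-A interface Serial0/0 overload oer
ip nat inside source route-map ISP-B interface Serial0/1 overload oer
```

`show ip nat translations` lists the active entries, which helps confirm that existing flows keep the same translated address after a PfR policy change.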
