Has anyone successfully implemented OER w/ NAT? I will have an 1841 with the 4-port EtherSwitch module that will have 3 cable modems connected and utilizing cisco's OER to utilize all 3 links for outbound Internet traffic. However, I am concerned about NAT. The only other interface used on the 1841 will be the connection to the local LAN (inside). I'm thinking this will require a loopback, but I'm not finding anything on CCO to back me up. Is it possible to just let the CMs do NAT? 1 CM is a static IP and the 2 others are DHCP. Anyone out there with any experience on this?
We have a keyword "oer" that was added to the NAT configuration. This allows the active NAT translations to "stick"to their current interfaces instead of PfR moving them to another exit interface. The reason for this keyword addition was to support multiple ISP connections where you might setup overload nat'ing out outside interfaces to two or more different ISPs (1 ISP per outside interface).
The scenario is you have the above topology and configured overload nat'ing for interface S0/0 and S0/1 each with a different ISP/address space.
You also have NOT configured the "oer" keyword within your NAT configuration statements.
If traffic is flowing into Fa0/0 and out S0/0 with an active NAT session (overloaded to S0/0) and PfR decides to move this traffic to interface S0/1 due to an Out of Policy event, this might black hole the traffic if ISP-B is configured to block IP networks which it does not own nor allocate IP address space to customers.
You now configured the "oer" keyword on your nat translations, PfR will not move this traffic until the NAT translation times out.
New Cisco Champion Radio release on Cisco Smart Building SolutionsListen: https://smarturl.it/CCRS8E16Follow us: https://twitter.com/CiscoChampion Now more than ever, sustainable and flexible building designs are at the forefront of every develo...
DRAFT -- THIS DOCUMENT IS STILL IN DRAFT FORM
MACsec is IEEE standard 802.1AE. It was developed by the IEEE to compliment the 802.1X-2004 standard. MACsec was developed to allow authorized systems to connect and then encrypt data that is transmitt...
Today I'm going to talk about SD-wan including SD-WAN advanced lab ,, first thing let's take a small brief about the SD_WAN. What is SD-WAN? SD-WAN is Software define wide area network and SD-WAN is key part of the technology o...
Leopold Fisher, Cisco Meraki IoT specialist, will introduce you to new and innovative additions to the Meraki portfolio coming in April 2021.
Meraki Vision Session
MV smart camera range is getting big...
Ask questions from Wednesday, April 14 to Tuesday, April 27, 2021.
To participate in this event, please use the button to ask your questions
Dynamic Routing Protocols & IPv6
Have any questions on dynamic routing protocols with IPv6?
In this eve...